On Thu, 2023-11-16 at 17:49 +0100, Thomas Haller wrote: > On Thu, 2023-11-16 at 17:10 +0100, Pablo Neira Ayuso wrote: > > It seems that handles are a problem in this diff. > > A possible workaround would be the following (and a `DUMPGEN=y` run) actually, I think first should be understood why the handles are not stable. And whether they are stable on recent kernels (as I think they are supposed to be -- provided the test runs in a new netns). Also, it seems that `nft -j list ruleset` has a bug and does not honor (the lack of) the `--handle` option. Thomas
