On Tuesday 2010-06-22 20:30, Florian Effenberger wrote:

>Hi Jan,
>
>thanks for the fast reply!
>
>On 22.06.2010 at 20:19, Jan Engelhardt wrote:
>
>> So create another chain. The in-memory table does not know DNS, and
>> rightfully so.
>
>what does another chain help?

That you can independently refill the extra chain without having to
touch other rules. That is to say,

	forall (addrs) {
		add_new_addrs to chain;
		++i;
	}
	while (delete rules from chain with an index #i does not throw an error)
		;

That gets harder when you have extra rules in the chain you are
manipulating.

Alternatively, you could issue the delete operation with i+10 to keep
the previous addresses around - and let them die off by this
pseudo-LRU mechanism.

>I need to keep some records in the tables, because of clients that
>might have still the "old" address in their cache. The tables get
>cluttered anyways, no matter if I use one or several user-defined
>chains.
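The refill loop from the reply above, written out as a shell function (an added example, not part of the original message). It reads the pseudocode as inserting new rules at the head of the dedicated chain so that stale ones shift toward the tail; the chain name `dyn_hosts`, the `-s ... -j ACCEPT` rule shape, the host name and the `IPT` override are illustrative assumptions.

```shell
#!/bin/sh
# Refill a dedicated chain of DNS-derived addresses without touching
# any other rules. IPT can be overridden (e.g. with ip6tables).
IPT=${IPT:-iptables}

# refresh_chain CHAIN KEEP ADDR...
#   CHAIN  user-defined chain that holds only the address rules
#   KEEP   number of older rules to leave in place for clients that
#          still have a previous address cached (the "i+10" idea)
refresh_chain() {
    chain=$1
    keep=$2
    shift 2
    # A failed or empty DNS lookup must not shrink the chain.
    [ "$#" -gt 0 ] || return 1

    i=0
    for addr in "$@"; do
        # Insert at position 1: the newest address is matched first and
        # every existing rule moves one position down.
        $IPT -I "$chain" 1 -s "$addr" -j ACCEPT || return 1
        i=$((i + 1))
    done

    # Rules past position i+keep are stale. Deleting the same index
    # over and over removes them one at a time; the loop ends when the
    # delete fails because no rule exists at that position any more.
    cut=$((i + keep + 1))
    while $IPT -D "$chain" "$cut" 2>/dev/null; do
        :
    done
    return 0
}

# Typical call from cron (hypothetical chain and host name):
#   refresh_chain dyn_hosts 10 \
#       $(getent ahostsv4 host.example.org | awk '{print $1}' | sort -u)
```

New rules go in before old ones are deleted, so the chain is never empty during a refresh, and because the chain contains nothing but these rules the index arithmetic stays valid.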