On 23 March 2015 at 14:32, Laurent Bercot <ska-devel@xxxxxxxxxxx> wrote:
> On 23/03/2015 12:45, Pablo Neira Ayuso wrote:
>>
>> Please, manually apply this:
>>
>> http://patchwork.ozlabs.org/patch/453392/
>>
>> And provide feedback. Thank you.
>
>
> Done. It's working beautifully. Thank you.
>
> Now that I can play with nft, I have a feature request:
>
> I'm saving my rule set in a file, called whenever the rule
> set must be applied/reapplied via nft -f. (It's to be applied
> whenever my DHCP client obtains a new lease.)
> I would like the rule set file to be the same for the first
> time and the subsequent times the rules are applied. It's only
> logical.
> I have to "flush table nat" and "flush table filter" at the
> beginning of the file, so nft does not duplicate rules on the
> second and later invocations.
> Problem is, the first invocation fails on those "flush" lines,
> because the tables are not defined yet!

Perhaps `flush ruleset'. That doesn't fail if there is no ruleset.

--
Arturo Borrero González
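
A rule set file built around the `flush ruleset` suggestion, as an added example that is not part of the original thread. The table contents, the interface name `eth0` and the DHCP client rule are assumptions chosen for illustration.

```nft
# Constructed example rule set file, loaded with: nft -f <this file>
# Safe to load on a fresh boot and again on every DHCP lease renewal.

# Succeeds whether or not any tables exist yet, unlike "flush table nat"
# or "flush table filter", which fail when the table is not defined.
# Note: this drops every table of every family, including tables that
# other tools may have created.
flush ruleset

table ip filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # Keep replies to traffic this host initiated.
        ct state established,related accept
        iif "lo" accept

        # Assumption: the host is a DHCP client and must receive
        # server replies (source port 67 to destination port 68).
        udp sport 67 udp dport 68 accept
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;

        # Assumption: eth0 is the interface holding the DHCP lease.
        oifname "eth0" masquerade
    }
}
```

`nft -f` applies the whole file as a single transaction, so the flush and the rules that follow it are committed together and the host is not left with an empty rule set between them.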