Hi, The current behaviour corresponds to the mathematical definition of a set.
Which set operator acts like the current behavior? It seams to me that union (add) and complement (remove) would be more ergonomic. For example, a set could be used for banned IPs. Plus it's what every stdlib does anyway. Is there something useful I miss with the current behavior?
But you could always write a simple wrapper which feeds the elements one by one to "nft add element" and ignores the error messages for the duplicates.
That's what I did, but it's not very clean. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
