On Wed, Aug 24, 2016 at 05:25:54PM +0200, Yamakaky wrote:
[...]
> I forgot to tell, but if I remember correctly there is the same problem for
> maps.
This will also work with maps:
# nft add table x
# nft add map x y { type ipv4_addr : ipv4_addr\; }
# nft add element x y { 1.1.1.1 : 2.2.2.2 }
# nft add element x y { 1.1.1.1 : 2.2.2.2 }
# nft create element x y { 1.1.1.1 : 2.2.2.2 }
<cmdline>:1:1-41: Error: Could not process rule: File exists
create element x y { 1.1.1.1 : 2.2.2.2 }
If you specify a different right hand side on the mapping, this hits
EBUSY at this moment if it differs from the initial value:
# nft add element x y { 1.1.1.1 : 2.2.2.3 }
<cmdline>:1:1-38: Error: Could not process rule: Device or resource busy
add element x y { 1.1.1.1 : 2.2.2.3 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For sets with timeouts, it should be possible to support timeout
refresh in a follow up patch too.
Thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
