I'm in the middle of reading nft manual concerning the "nft set" syntax, and I wanted to ask a few questions to clarify some things I can't figure out. 1. What is the "mark" set type? I understand the other types, but I don't really know how would I use this one. 2. What are flags? There are "constant", "interval" and "timeout", but there's no info on what they do. So what's the difference between them? 3. There's a "timeout flag" and also a regular "timeout". What's the difference between them? 4. In the case of "size", we can read the following: "maximun number of elements in the set, mandatory if set is added to from the packet path (ruleset)". What does "from the packet path (ruleset)" really mean? 5. The next thing is "policy", which can be one of "performance" and "memory". What does the policy do? The default is the fist one. What if I set the other one? What will change?
Attachment:
signature.asc
Description: OpenPGP digital signature
