On 26/02/2019 16:54, Mikhail Morfikov wrote: > I'm in the middle of reading nft manual concerning the "nft set" syntax, > and I wanted to ask a few questions to clarify some things I can't figure > out. > > 1. What is the "mark" set type? I understand the other types, but I don't > really know how would I use this one. > 2. What are flags? There are "constant", "interval" and "timeout", but > there's no info on what they do. So what's the difference between them? > 3. There's a "timeout flag" and also a regular "timeout". What's the > difference between them? > 4. In the case of "size", we can read the following: "maximun number of > elements in the set, mandatory if set is added to from the packet path > (ruleset)". What does "from the packet path (ruleset)" really mean? > 5. The next thing is "policy", which can be one of "performance" and > "memory". What does the policy do? The default is the fist one. What > if I set the other one? What will change? > > Any info on this?
Attachment:
signature.asc
Description: OpenPGP digital signature
