Re: Restoring rulesets containing dynamic sets with counters


 



On 2020/03/10 09:37, Pablo Neira Ayuso wrote:
> On Mon, Mar 09, 2020 at 07:35:15PM -0400, Frank Myhr wrote:
>> I do want to keep the dynamically-added elements across reboot. Is there a
>> better way to do so?
>
> This is the userspace patch to update the syntax. Still missing
> remaining bits, but it is doable.

Pablo,

Thank you very much for the userspace patch to load dynamic set element counters. Great to have that for applications that need it.

For now I'll stick with released & packaged (debian buster-backports) nft, and use sed 's/[ ]\+counter[^,\}]\+//g' on saved rulesets before restoring them.

Also found that set elements with limits are not currently supported -- and it appears that your patch doesn't add that ability. Not sure what other stateful objects people might add to set elements. For limits, sed 's/[ ]\+limit[^,\}]\+//g' before restoring from saved ruleset works for me.

Thanks,
Frank
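
An added example, not part of the original message: the two sed expressions above run against every line of the saved file, so they also match counter and limit statements in chain rules. This sketch applies the same patterns only inside "elements = { ... }" blocks; the function names, file names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Strip per-element stateful expressions (counter, limit) from a saved
# nftables ruleset, touching only the lines of "elements = { ... }" blocks.
# Usage (assumed file names):
#   strip_element_state < saved.nft > restore.nft && nft -f restore.nft

strip_element_state() {
    awk '
        # An elements block starts on the line that opens it.
        /elements[ \t]*=[ \t]*[{]/ { in_elems = 1 }
        in_elems {
            # Same patterns as the sed expressions in the message.
            gsub(/[ ]+counter[^,}]+/, "")
            gsub(/[ ]+limit[^,}]+/, "")
            # The block ends on the line carrying the closing brace;
            # element lists may wrap over several lines before that.
            if ($0 ~ /[}]/) in_elems = 0
        }
        { print }
    '
}

# Constructed sample of a saved ruleset: one dynamic set whose element
# list wraps onto a second line, and one rule with its own counter.
sample_ruleset() {
    cat <<'EOF'
table inet filter {
    set seen {
        type ipv4_addr
        flags dynamic
        elements = { 192.0.2.1 counter packets 3 bytes 180,
                     198.51.100.7 limit rate 10/second }
    }

    chain input {
        type filter hook input priority 0; policy drop;
        tcp dport 22 counter packets 10 bytes 600 accept
    }
}
EOF
}

# Show the filtered sample: element state is gone, the rule is intact.
sample_ruleset | strip_element_state
```

Diffing the input against the output before running nft -f confirms that only element lines changed.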


