Anyone have thoughts on this, especially the questions:
a) is meter an obsolete directive?
b) if not, is it documented anywhere?
c) is it possible to display the counters in a meter?
Thanks,
Devin
On 04/09/2020 10.38, Devin Bayer wrote:
Hello,
I am looking for some docs on the `meter` directive. Should it still be
used instead of `map` or `set` and what are the arguments?
I see it's used in examples in the man page and also on this page:
https://wiki.nftables.org/wiki-nftables/index.php/Meters
However the example does not work as described. When I do
nft list map my_filter_table my_ssh_meter
I don't get the output like is described. First, it's a "set", not a
"map", so I just see "Error: No such file or directory". But when
changing to "list set", I don't see the counters:
table ip my_filter_table {
set my_ssh_meter {
type ipv4_addr . inet_service
size 1000
flags dynamic,timeout
elements = {
3.10.95.11 . 22 expires 14s492ms limit rate 10/second,
3.123.217.208 . 22 expires 38s596ms limit rate 10/second,
...}
}
}
1) I wondering if someone can clarify.
2) If meter is obsolete, as the wiki suggests, can the examples in the
man page be updated?
3) If meter isn't obsolete, can it's usage be added to the man page?
I am using nftables v0.9.6 on kernel 5.7.0.
Thanks,
Devin
