Hi,
Dňa Sun, 21 Jul 2024 10:58:30 +0100 "Kerin Millar" <kfm@xxxxxxxxxxxxx>
napísal:
> Mind you, it gets worse. While the nft utility supports a JSON output
> mode to ease parsing, its output is less accurate than the
> conventional output mode in so far as all "timeout" and "expires"
> values are truncated to integer seconds and conveyed as JSON integers.
Even worse, the JSON output lacks counters at all, the nft output:
...
elements = { IP.AD.DR.ES last used never counter packets 0 bytes 0\
expires 1d23h36m40s340ms
...
But JSON output lacks counters:
nft -j list set ... | jq '.nftables[] | select(.set != null).set.elem[0]'
{ "elem": {
"val": "IP.AD.DR.ES",
"expires": 171653,
"last": null
}
}
And yes, error messages are more than cryptic... We was talking about
memory usage, and my first attempt to add/update list of ~2700 items
ended with "Out of memory" error. First i was shocked, 2700 items
consumes 6GB RAM??? It took some time to realize, that i had duplicate
IPs in list. Really not helpful error message, and one element per line
doesn't help with that...
regards
--
Slavko
https://www.slavino.sk
Attachment:
pgpqpZYx_bmTC.pgp
Description: Digitálny podpis OpenPGP
