git.ipfire.org Git - thirdparty/nftables.git/commit

]> git.ipfire.org Git - thirdparty/nftables.git/commit

projects / thirdparty / nftables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 6 Dec 2013 09:24:20 +0000 (10:24 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 6 Dec 2013 12:00:27 +0000 (13:00 +0100)
commit	2eb1c30d55f1433e11275f85a97d3694188ecc40
tree	e951942b4ab3a508ac64e3102ad767f9c44cdd88	tree
parent	b920d059008e037900b879aad7f1a5517591cb7e	commit \| diff

src: fix rule flushing atomically

nft is currently retrieving the list of rule from the kernel, then
deleting each rule one by one. This is slow and not safe. Fix it
by sending a deletion command in a batch without specifying the
chain.

This change requires the kernel fix entitled:
netfilter: nf_tables: fix missing rules flushing per table

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

src/netlink.c

diff | blob | blame | history

Mirror of git://git.netfilter.org/nftables

RSS Atom