mnl: reply netlink error message might be larger than MNL_SOCKET_BUFFER_SIZE
Netlink attribute maximum size is 65536 bytes (given nla_len is
16-bits). NFTA_SET_ELEM_LIST_ELEMENTS stores as many set elements as
possible that can fit into this netlink attribute.
Netlink messages with NLMSG_ERROR type originating from the kernel
contain the original netlink message as payload, they might be larger
than 65536 bytes.
Add NFT_MNL_ACK_MAXSIZE which estimates the maximum Netlink header
coming as (error) reply from the kernel. This estimate is based on the
maximum netlink message size that nft sends from userspace.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1464 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
projects / thirdparty / nftables.git / commit
