The NFT_NLMSG_MAXSIZE constant defines the maximum nf_tables netlink
message. Currently, the largest is the set element message, which
contains the NFTA_SET_ELEM_LIST_ELEMENTS attribute. This attribute is
a nest that describes the set elements. Given that the netlink attribute
length (nla_len) is 16 bits, the largest message is a bit larger than
64 KBytes. Thus, the proposed value of NFT_NLMSG_MAXSIZE is set to
(1 << 16) + getpagesize().
This new constant is used to calculate the length of:
1) the batch page length, when the batching mode is used.
2) the buffer that stores the netlink message in the send (when no
batching is used) and receive paths.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
projects / thirdparty / nftables.git / commit
