git.ipfire.org Git - thirdparty/nftables.git/commit

]> git.ipfire.org Git - thirdparty/nftables.git/commit

projects / thirdparty / nftables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 29 Aug 2024 10:42:14 +0000 (12:42 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 30 Aug 2024 10:34:10 +0000 (12:34 +0200)
commit	4984da8cc427974ea63796fa60a791b714a71440
tree	d9de077cfc25fbe7dec510a12e1f12c2bab708bf	tree
parent	53a503ad4a1abfa0374b3d12e884b69dc6df4b4f	commit \| diff

cache: relax requirement for replace rule command

No need for full cache, this command relies on the rule handle which is
not validated from userspace. Cache requirements are similar to those
of add/create/delete rule commands.

This speeds up incremental updates with large rulesets.

Extend tests/coverage for rule replacement.

Fixes: 01e5c6f0ed03 ("src: add cache level flags")
Tested-by: Eric Garver <eric@garver.life>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Mirror of git://git.netfilter.org/nftables

RSS Atom

src/cache.c		diff \| blob \| blame \| history
tests/shell/testcases/rule_management/0004replace_0		diff \| blob \| blame \| history
tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft		diff \| blob \| blame \| history
tests/shell/testcases/rule_management/dumps/0004replace_0.nft		diff \| blob \| blame \| history