All of lore.kernel.org
 help / color / mirror / Atom feed
* Problem with flushing nftalbes sets
@ 2020-04-23 14:12 Milan JEANTON
  2020-04-23 14:34 ` Florian Westphal
  2020-04-23 14:37 ` Laura Garcia
  0 siblings, 2 replies; 3+ messages in thread
From: Milan JEANTON @ 2020-04-23 14:12 UTC (permalink / raw)
  To: netfilter-devel

Hello,

I try to send you the message again, it says it couldn't be send because 
it was an HTML type message.


I use nftables for a development project with our company and I'm happy 
with this application but I'm still learning a lot with all the options.

I'm using Debian environments (stretch and buster).

My problem is with the sets of nftables:
I use the sets to manage a large amount of ip addresses since it store 
only the ipv4 addresses without any rules and process it much quicker.

So let's say I have this table configuration:

table ip test {
         set tmp {
                 type ipv4_addr
         }
}

I can add elements in my set without any problem, I can also delete them 
one by one.

The problem I have is that I need to delete all the elements in the tmp 
set and as precised in the manual of nftables I could flush the elements 
of a set:

SETS
[...]
flush    Remove all elements from the specified set.

But when I use the command to flush my sets, it doesn't work and 
displays me an error message

nft 'flush set test tmp'
Error: Could not process rule: Invalid argument
flush set test tmp
^^^^^^^^^^^^^^^^^^^

So I used an other method that worked on version 0.7 by selecting all 
the content of elements, but I updated to version 0.9.4 and can't make 
it work since there is a new line each two addresses and I would rather 
use a native command anyway.

I don't understand what I do wrong ? If you can please help me.

Regards,

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Problem with flushing nftalbes sets
  2020-04-23 14:12 Problem with flushing nftalbes sets Milan JEANTON
@ 2020-04-23 14:34 ` Florian Westphal
  2020-04-23 14:37 ` Laura Garcia
  1 sibling, 0 replies; 3+ messages in thread
From: Florian Westphal @ 2020-04-23 14:34 UTC (permalink / raw)
  To: Milan JEANTON; +Cc: netfilter-devel

Milan JEANTON <m.jeanton@newquest.fr> wrote:
> table ip test {
>         set tmp {
>                 type ipv4_addr
>         }
> }
> 
> I can add elements in my set without any problem, I can also delete them one
> by one.
> 
> The problem I have is that I need to delete all the elements in the tmp set
> and as precised in the manual of nftables I could flush the elements of a
> set:
> 
> SETS
> [...]
> flush    Remove all elements from the specified set.
> 
> But when I use the command to flush my sets, it doesn't work and displays me
> an error message
> 
> nft 'flush set test tmp'
> Error: Could not process rule: Invalid argument
> flush set test tmp
> ^^^^^^^^^^^^^^^^^^^

Its expected to work from Linux 4.10 onwards.

# nft list ruleset
table ip test {
        set tmp {
                type ipv4_addr
                elements = { 1.2.3.4, 5.6.7.8 }
        }
}
# nft flush set test tmp
# nft list ruleset
table ip test {
        set tmp {
                type ipv4_addr
        }
}
# uname -sr
Linux 5.5.17

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Problem with flushing nftalbes sets
  2020-04-23 14:12 Problem with flushing nftalbes sets Milan JEANTON
  2020-04-23 14:34 ` Florian Westphal
@ 2020-04-23 14:37 ` Laura Garcia
  1 sibling, 0 replies; 3+ messages in thread
From: Laura Garcia @ 2020-04-23 14:37 UTC (permalink / raw)
  To: Milan JEANTON; +Cc: Netfilter Development Mailing list

On Thu, Apr 23, 2020 at 4:26 PM Milan JEANTON <m.jeanton@newquest.fr> wrote:
>
> Hello,
>
> I try to send you the message again, it says it couldn't be send because
> it was an HTML type message.
>
>
> I use nftables for a development project with our company and I'm happy
> with this application but I'm still learning a lot with all the options.
>
> I'm using Debian environments (stretch and buster).
>
> My problem is with the sets of nftables:
> I use the sets to manage a large amount of ip addresses since it store
> only the ipv4 addresses without any rules and process it much quicker.
>
> So let's say I have this table configuration:
>
> table ip test {
>          set tmp {
>                  type ipv4_addr
>          }
> }
>
> I can add elements in my set without any problem, I can also delete them
> one by one.
>
> The problem I have is that I need to delete all the elements in the tmp
> set and as precised in the manual of nftables I could flush the elements
> of a set:
>
> SETS
> [...]
> flush    Remove all elements from the specified set.
>
> But when I use the command to flush my sets, it doesn't work and
> displays me an error message
>
> nft 'flush set test tmp'
> Error: Could not process rule: Invalid argument
> flush set test tmp
> ^^^^^^^^^^^^^^^^^^^
>

Hi, which kernel version are you running?

It works in my system.

Cheers.

> So I used an other method that worked on version 0.7 by selecting all
> the content of elements, but I updated to version 0.9.4 and can't make
> it work since there is a new line each two addresses and I would rather
> use a native command anyway.
>
> I don't understand what I do wrong ? If you can please help me.
>
> Regards,

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-04-23 14:37 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-23 14:12 Problem with flushing nftalbes sets Milan JEANTON
2020-04-23 14:34 ` Florian Westphal
2020-04-23 14:37 ` Laura Garcia

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.