* [RFC] Can someone please review my latest wiki update @ 2017-12-16 9:22 Duncan Roe 2017-12-18 9:48 ` Pablo Neira Ayuso 0 siblings, 1 reply; 4+ messages in thread From: Duncan Roe @ 2017-12-16 9:22 UTC (permalink / raw) To: Netfilter Development Hi, For those who contribute to the wiki: I updated https://wiki.nftables.org/wiki-nftables/index.php/Flow_tables section "Doing iptables hashlimit with nft" in light of trying the examples. There's more in the associated discussion page, Cheers ... Duncan. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [RFC] Can someone please review my latest wiki update 2017-12-16 9:22 [RFC] Can someone please review my latest wiki update Duncan Roe @ 2017-12-18 9:48 ` Pablo Neira Ayuso 2017-12-27 10:38 ` Duncan Roe 0 siblings, 1 reply; 4+ messages in thread From: Pablo Neira Ayuso @ 2017-12-18 9:48 UTC (permalink / raw) To: Netfilter Development Hi Duncan, On Sat, Dec 16, 2017 at 08:22:10PM +1100, Duncan Roe wrote: > Hi, > > For those who contribute to the wiki: > > I updated https://wiki.nftables.org/wiki-nftables/index.php/Flow_tables section > "Doing iptables hashlimit with nft" in light of trying the examples. > > There's more in the associated discussion page, "Notice also that the translator defaults --hashlimit-htable-expire and --hashlimit-burst to 1000 milliseconds and 5 packets respectively so ''timeout 1s'' and ''burst 5 packets'' are inserted. You may remove either or both of these if you wish." I think we can just skip printing default values in the translation, I mean, we can "fix" the translation instead. BTW, this reminds me we should also expose the missing options such as hashlimit-htable-max and hashlimit-htable-gcinterval, those can be exposed too, it just needs some code in nft, I'll add this to my TODO list. Let us know, thanks for reviewing documentation! ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [RFC] Can someone please review my latest wiki update 2017-12-18 9:48 ` Pablo Neira Ayuso @ 2017-12-27 10:38 ` Duncan Roe 2017-12-27 13:08 ` Pablo Neira Ayuso 0 siblings, 1 reply; 4+ messages in thread From: Duncan Roe @ 2017-12-27 10:38 UTC (permalink / raw) To: Netfilter Development Hi Pablo, On Mon, Dec 18, 2017 at 10:48:16AM +0100, Pablo Neira Ayuso wrote: > Hi Duncan, > > On Sat, Dec 16, 2017 at 08:22:10PM +1100, Duncan Roe wrote: > > Hi, > > > > For those who contribute to the wiki: > > > > I updated > > https://wiki.nftables.org/wiki-nftables/index.php/Flow_tables section > > "Doing iptables hashlimit with nft" in light of trying the examples. > > > > There's more in the associated discussion page, > > "Notice also that the translator defaults --hashlimit-htable-expire and > --hashlimit-burst to 1000 milliseconds and 5 packets respectively so > ''timeout 1s'' and ''burst 5 packets'' are inserted. You may remove > either or both of these if you wish." > > I think we can just skip printing default values in the translation, I > mean, we can "fix" the translation instead. > > BTW, this reminds me we should also expose the missing options such as > hashlimit-htable-max and hashlimit-htable-gcinterval, those can be > exposed too, it just needs some code in nft, I'll add this to my TODO > list. > > Let us know, thanks for reviewing documentation! Since there's a patch in the works to fix these spurious defaults, would you mind if I just left it until the fix is committed? Cheers ... Duncan. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [RFC] Can someone please review my latest wiki update 2017-12-27 10:38 ` Duncan Roe @ 2017-12-27 13:08 ` Pablo Neira Ayuso 0 siblings, 0 replies; 4+ messages in thread From: Pablo Neira Ayuso @ 2017-12-27 13:08 UTC (permalink / raw) To: Netfilter Development On Wed, Dec 27, 2017 at 09:38:13PM +1100, Duncan Roe wrote: > Hi Pablo, > > On Mon, Dec 18, 2017 at 10:48:16AM +0100, Pablo Neira Ayuso wrote: > > Hi Duncan, > > > > On Sat, Dec 16, 2017 at 08:22:10PM +1100, Duncan Roe wrote: > > > Hi, > > > > > > For those who contribute to the wiki: > > > > > > I updated > > > https://wiki.nftables.org/wiki-nftables/index.php/Flow_tables section > > > "Doing iptables hashlimit with nft" in light of trying the examples. > > > > > > There's more in the associated discussion page, > > > > "Notice also that the translator defaults --hashlimit-htable-expire and > > --hashlimit-burst to 1000 milliseconds and 5 packets respectively so > > ''timeout 1s'' and ''burst 5 packets'' are inserted. You may remove > > either or both of these if you wish." > > > > I think we can just skip printing default values in the translation, I > > mean, we can "fix" the translation instead. > > > > BTW, this reminds me we should also expose the missing options such as > > hashlimit-htable-max and hashlimit-htable-gcinterval, those can be > > exposed too, it just needs some code in nft, I'll add this to my TODO > > list. > > > > Let us know, thanks for reviewing documentation! > > Since there's a patch in the works to fix these spurious defaults, would you > mind if I just left it until the fix is committed? No problem. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-12-27 13:09 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-12-16 9:22 [RFC] Can someone please review my latest wiki update Duncan Roe 2017-12-18 9:48 ` Pablo Neira Ayuso 2017-12-27 10:38 ` Duncan Roe 2017-12-27 13:08 ` Pablo Neira Ayuso
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.