[Dnsmasq-discuss] [PATCH] Add nftables set support
Chen Zhenge
me at markle.one
Sun Aug 22 12:57:11 UTC 2021
Hi all,
I am trying to switch my firewall setup from iptables to nftables. One
of the remaining parts that still doesn't support it is dnsmasq, so I
wrote a patch to allow adding IP addresses to nftables sets in addition
to ipsets.
This patch adds a new option --nftset, which is the same as --ipset
except that it adds IP address to a given nftables set. It uses
libnftables to perform the operations.
I've done some testing on my PC and found no issues so far. The
implementation shares most of its code with ipset so it should be easy
to review. Please let me know if you have found a bug or need something
else.
Best,
Chen Zhenge
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-nftables-set-support.patch
Type: text/x-patch
Size: 19214 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210822/02c9d740/attachment.bin>
More information about the Dnsmasq-discuss
mailing list