Re: [PATCH] netfilter: xt_NFLOG: allow 128 character log prefixes

From: Pablo Neira Ayuso
Date: Tue Jul 27 2021 - 17:27:56 EST

Next message: patchwork-bot+netdevbpf: "Re: [PATCH] libbpf: fix commnet typo"
Previous message: Brendan Higgins: "Re: [PATCH 3/4] kunit: Add support for suite initialization and cleanup"
In reply to: Alex Forster: "Re: [PATCH] netfilter: xt_NFLOG: allow 128 character log prefixes"
Next in thread: Alex Forster: "Re: [PATCH] netfilter: xt_NFLOG: allow 128 character log prefixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 27, 2021 at 04:22:10PM -0500, Alex Forster wrote:
> > It should be possible to update iptables-nft to use nft_log from
> > userspace (instead of xt_LOG) which removes this limitation, there is
> > no need for a kernel upgrade.
>
> We have been able to migrate some parts of this workload to the
> nftables subsystem by treating network namespaces sort of like VRFs.
> Unfortunately, we have not been able to use nftables to handle all
> traffic, since it does not have an equivalent for xt_bpf.

I'm not refering to nftables, I'm refering to iptables-nft.

Next message: patchwork-bot+netdevbpf: "Re: [PATCH] libbpf: fix commnet typo"
Previous message: Brendan Higgins: "Re: [PATCH 3/4] kunit: Add support for suite initialization and cleanup"
In reply to: Alex Forster: "Re: [PATCH] netfilter: xt_NFLOG: allow 128 character log prefixes"
Next in thread: Alex Forster: "Re: [PATCH] netfilter: xt_NFLOG: allow 128 character log prefixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]