On Mon, Jul 07, 2025 at 11:47:12AM +0200, Florian Westphal wrote:
> First patch is a preparation patch that moves the trace code
> from netlink.c to the new trace.c file.
>
> Second patch adds the ct info to the trace output.
>
> This patch exposes the 'clash' bit to userspace.
> (Technically its the kernel counterpart).
>
> If you dislike this, I can send a kernel patch that removes
> the bit before dumping ct status bits to userspace, let me
> know.
If this is intentional, then
+ SYMBOL("clash", IPS_UNTRACKED_BIT),
hiding clash bit is probably a good idea.
Just hide it from userspace nftables in this series, later I'd suggest
you proceed with the kernel update.
Thanks.
