On Fri, Jul 11, 2025 at 04:52:55PM +0200, Pablo Neira Ayuso wrote: > On Fri, Jul 11, 2025 at 02:19:04PM +0200, Phil Sutter wrote: > > Pablo, > > > > On Thu, Jul 10, 2025 at 12:43:03AM +0200, Pablo Neira Ayuso wrote: > > [...] > > > If you accept this suggestion, it is a matter of: > > > > > > #1 revert the patch in nf.git for the incomplete event notification > > > (you have three more patches pending for nf-next to complete this > > > for control plane notifications). > > > #2 add event notifications to net/netfilter/core.c and nfnetlink_hook. > > > > Since Florian wondered whether I am wasting my time with a quick attempt > > at #2, could you please confirm/deny whether this is a requirement for > > the default to name-based interface hooks or does the 'list hooks' > > extension satisfy the need for user space traceability? > > For me, listing is just fine for debugging. > > If there is a need to track hook updates via events, then > nfnetlink_hook can be extended later. OK, cool! > So I am not asking for this, I thought you needed both listing and > events, that is why I suggest to add events to nfnetlink_hook. Just to be sure I wrote shell test case asserting correct device reg/dereg using 'nft list hooks' tool, works just fine. So let's skip notifications for now. Thanks, Phil
