Hi, On Mon, 28 Jul 2025, Florian Westphal wrote:
Another option might be to replace a flush with delset+newset internally, but this will get tricky because the set/map still being referenced by other rules, we'd have to fixup the ruleset internally to use the new/empty set while still being able to roll back.
If "data" of struct nft_set would be a pointer to an allocated memory area, then there'd be no need to fixup the references in the rules: it would be enough to create-delete the data part. (All non-static, set data related attributes could be move to the "data" as well, like nelems, ndeact.) But it'd mean a serious redesign.
Best regards, Jozsef
