nftables

History

nickgarlis d0b38630ac Defer errors until Flush to avoid incomplete batches Any create/update/delete operation that returns a validation or marshalling error can leave the message batch in an incomplete state due to short-circuiting. This can result in either: - Non-atomic transactions if Flush is called (incomplete batch) - Users being unable to clear the incomplete batch (no API exposed) This change ensures that errors are collected and deferred until Flush. Instead of returning immediately, the following methods now append errors to a slice checked at Flush: - AddSet - DelRule - SetAddElements See: https://github.com/google/nftables/issues/323	2025-08-18 17:21:59 +02:00
..
testdata	Add integration tests for nftables package	2025-01-15 12:42:22 +01:00
nft_test.go	Defer errors until Flush to avoid incomplete batches	2025-08-18 17:21:59 +02:00

nickgarlis d0b38630ac Defer errors until Flush to avoid incomplete batches

Any create/update/delete operation that returns a validation or
marshalling error can leave the message batch in an incomplete state
due to short-circuiting. This can result in either:

  - Non-atomic transactions if Flush is called (incomplete batch)
  - Users being unable to clear the incomplete batch (no API exposed)

This change ensures that errors are collected and deferred until Flush.
Instead of returning immediately, the following methods now append
errors to a slice checked at Flush:

  - AddSet
  - DelRule
  - SetAddElements

See: https://github.com/google/nftables/issues/323

2025-08-18 17:21:59 +02:00

testdata

Add integration tests for nftables package

2025-01-15 12:42:22 +01:00

nft_test.go

Defer errors until Flush to avoid incomplete batches

2025-08-18 17:21:59 +02:00