firewall: create "dynamic" sets for nft rules for slb-bonding

A workaround for a nftables issue ([1]). I don't know why that matters. [1] https://bugzilla.redhat.com/show_bug.cgi?id=2177667 Fixes: e9268e392418 ('firewall: add mlag firewall utils for multi chassis link aggregation (MLAG) for bonding-slb') https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1614
author: Thomas Haller <thaller@redhat.com> 2023-05-02 08:54:21 +0200
committer: Thomas Haller <thaller@redhat.com> 2023-05-03 08:12:15 +0200
commit: d3b54963622f242db1ebeda21dedd9558b484355 (patch)
tree: 06b0ce64c2edf2230cfb9e16adb245cbe530b597
parent: 86e635dd4d517c2086aed6352b42fe30b5f8e4fc (diff)
download: NetworkManager-d3b54963622f242db1ebeda21dedd9558b484355.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
index f231583a21..03f1a9a5eb 100644
--- a/src/core/nm-firewall-utils.c
+++ b/src/core/nm-firewall-utils.c
@@ -889,12 +889,12 @@ nm_firewall_nft_stdio_mlag(gboolean           up,
          */
         _append(&strbuf,
                 "add set netdev %s macset-tagged {"
-                " typeof ether saddr . vlan id; flags timeout; "
+                " typeof ether saddr . vlan id; flags dynamic,timeout; "
                 "}",
                 table_name);
         _append(&strbuf,
                 "add set netdev %s macset-untagged {"
-                " typeof ether saddr; flags timeout;"
+                " typeof ether saddr; flags dynamic,timeout; "
                 "}",
                 table_name);
author	Thomas Haller <thaller@redhat.com>	2023-05-02 08:54:21 +0200
committer	Thomas Haller <thaller@redhat.com>	2023-05-03 08:12:15 +0200
commit	d3b54963622f242db1ebeda21dedd9558b484355 (patch)
tree	06b0ce64c2edf2230cfb9e16adb245cbe530b597
parent	86e635dd4d517c2086aed6352b42fe30b5f8e4fc (diff)
download	NetworkManager-d3b54963622f242db1ebeda21dedd9558b484355.tar.gz