From 19010edb47a6b58f9777461cb4b370ae2a4e95ac Mon Sep 17 00:00:00 2001
From: black-desk <me@black-desk.cn>
Date: Wed, 25 Oct 2023 12:04:28 +0800
Subject: [PATCH] chore: add comment

Signed-off-by: black-desk <me@black-desk.cn>
---
 pkg/nftman/private.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/nftman/private.go b/pkg/nftman/private.go
index d1e409b..f0cc7b9 100644
--- a/pkg/nftman/private.go
+++ b/pkg/nftman/private.go
@@ -134,6 +134,10 @@ func (t *NFTManager) addTproxyChainForTProxy(
 			Data:     []byte{unix.IPPROTO_TCP},
 		}
 	} else {
+		// NOTE:
+		// Only add set when we use it, otherwise we will get an EINVAL
+		// https://github.com/torvalds/linux/blob/4f82870119a46b0d04d91ef4697ac4977a255a9d/net/netfilter/nf_tables_api.c#L9881
+
 		err = conn.AddSet(t.protoSet, t.protoSetElement)
 		if err != nil {
 			return