[Bug 844] New: Can set apparently invalid netmask for hash:ip

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Tue Aug 13 03:21:57 CEST 2013


           Summary: Can set apparently invalid netmask for hash:ip
           Product: ipset
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: default
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: quentin at armitage.org.uk
   Estimated Hours: 0.0

The following fails as expected:
# ipset create foo hash:ip family ipv6 netmask 1
ipset v6.19: Syntax error: '1' is out of range 4-124

However, the following does not fail:
# ipset create foo hash:ip netmask 1 family ipv6
# ipset add foo ffff::
# ipset list foo
Name: foo
Type: hash:ip
Revision: 0
Header: family inet6 hashsize 1024 maxelem 65536 netmask 1
Size in memory: 16504
References: 0

Is there a reason why a netmask of 32 cannot be specified for ipv4 hash:ip
sets, and also netmasks of 1,2,3,125,126,127 and 128 can't be specified for
ipv6 sets?

It would be very helpful for me if an ipv4 netmask of 32 and an ipv6 netmask of
128 could be specified, since I have to have code specifically not adding the
netmask option if those netmasks are required.

Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list