[Bug 888] Assertion errors attempting a statement which (I believe) is grammatically correct.
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Jun 5 17:37:10 CEST 2014
https://bugzilla.netfilter.org/show_bug.cgi?id=888
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |kaber at trash.net
--- Comment #4 from Pablo Neira Ayuso <pablo at netfilter.org> 2014-06-05 17:37:07 CEST ---
Including Patrick in this bug, in case he's got some better idea to address
this.
Currently, we can only use the implement 'eq', ie.
ip saddr { 1.1.1.0/24 }
But we should be able to support this:
nft add rule ip filter input ip saddr != { 192.168.1.0/24 }
it says:
BUG: invalid expression type set
nft: src/evaluate.c:955: expr_evaluate_relational: Assertion `0' failed.
Aborted
My proposal is to add a NFT_LOOKUP_NEG whose attribute type is NLA_FLAG when
validating in nft_lookup.c to support "negative" lookups. The corresponding
libnftnl and nftables are required as well.
Please, Shui let us know how this is going.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the netfilter-buglog
mailing list