[Bug 888] Assertion errors attempting a statement which (I believe) is grammatically correct.

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Jun 5 17:37:10 CEST 2014


Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
             Status|NEW                         |ASSIGNED
                 CC|                            |kaber at trash.net

--- Comment #4 from Pablo Neira Ayuso <pablo at netfilter.org> 2014-06-05 17:37:07 CEST ---
Including Patrick in this bug, in case he's got some better idea to address

Currently, we can only use the implement 'eq', ie.

  ip saddr { }

But we should be able to support this:

  nft add rule ip filter input ip saddr != { }

it says:

  BUG: invalid expression type set
  nft: src/evaluate.c:955: expr_evaluate_relational: Assertion `0' failed.

My proposal is to add a NFT_LOOKUP_NEG whose attribute type is NLA_FLAG when
validating in nft_lookup.c to support "negative" lookups. The corresponding
libnftnl and nftables are required as well.

Please, Shui let us know how this is going.

Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list