[Bug 947] New: meta protocol doesn't work with sets

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed May 28 20:15:03 CEST 2014


           Summary: meta protocol doesn't work with sets
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
        AssignedTo: pablo at netfilter.org
        ReportedBy: anarey at gmail.com
   Estimated Hours: 0.0

It's impossible to add a set as a protocol parameter.

We add this rule without a menssage of error:
 $ sudo nft add rule ip test input meta protocol {vlan, ip, ip6, arp}

But, Its table doesn't list any information:
 $ sudo nft list table ip test
table ip test {
    chain input {

It seems like a memory corruption:

==14445== Process terminating with default action of signal 11 (SIGSEGV)
==14445==  Access not within mapped region at address 0x7C96F0D7
==14445==    at 0x40B171: expr_evaluate (evaluate.c:1059)
==14445==    by 0x40B870: expr_evaluate (evaluate.c:220)
==14445==    by 0x40CE26: list_member_evaluate (evaluate.c:597)
==14445==    by 0x40B318: expr_evaluate (evaluate.c:677)
==14445==    by 0x40B7AE: expr_evaluate (evaluate.c:878)
==14445==    by 0x40CFB7: rule_evaluate (evaluate.c:1283)
==14445==    by 0x419DD5: nft_parse (parser.y:580)
==14445==    by 0x405BCF: nft_run (main.c:223)
==14445==    by 0x405854: main (main.c:334)

Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list