[Bug 1195] New: 'list ruleset' of 'nft -f' outputs garbage while 'nft list ruleset' seems to work.
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sun Oct 22 00:05:50 CEST 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1195
Bug ID: 1195
Summary: 'list ruleset' of 'nft -f' outputs garbage while 'nft
list ruleset' seems to work.
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: slyfox at inbox.ru
# This report is a valid nft file.
# $ uname -r
# 4.14.0-rc5-00009-g3728e6a255b5
# run as: 'nft -f nft.bug'
# This will output:
# table inet filter {
# chain local-input {
# iifname "lo" meta nfproto ipv4 payload @nh,96,64
0x7f0000017f000001 [invalid type] ip protocol udp counter packets 0 bytes 0
accept
# }
# }
# While when we run 'list ruleset' right afterwards decoding is fine:
# table inet filter {
# chain local-input {
# iifname "lo" ip saddr 127.0.0.1 ip daddr 127.0.0.1 ip
protocol udp counter packets 0 bytes 0 accept
# }
# }
# Note 'payload @nh,96,64 0x7f0000017f000001 [invalid type]' dump. Looks like
decoding is slightly off.
# flush old state
flush ruleset
# filters
table inet filter {
# in real code there is a reference to this chain
chain local-input {
iifname "lo" ip saddr 127.0.0.1 ip daddr 127.0.0.1 ip protocol udp
counter accept
}
}
# dump new state
list ruleset
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20171021/e547544b/attachment.html>
More information about the netfilter-buglog
mailing list