[Bug 1184] New: disable implicit concatenating of elements of sets with flag interval
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Sep 21 11:18:40 CEST 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1184
Bug ID: 1184
Summary: disable implicit concatenating of elements of sets
with flag interval
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: karel at unitednetworks.cz
If consequent elements are added to set with flag interval in one command, they
get concatenated. But when they are added with separate commands, they don't.
This is inconsistent behaviour and needs to be fixed. Listing of such sets and
keeping them in consistence with external data is problematic because of that.
Please disable implicit concatenating for good (maybe except sets with flag
constant) or introduce nft option to let concatenating is not performed for
given operation.
Current (bad) behaviour:
a) adding consequent elements in one command
nft add set t test_set {type ipv4_addr\; flags interval\;}
nft add element t test_set {192.168.0.0, 192.168.0.1}
nft list set t test_set
table ip t {
set test_set {
type ipv4_addr
flags interval
elements = { 192.168.0.0/31 }
}
}
b) adding consequent elements in separate commands
nft flush set t test_set
nft add element t test_set {192.168.0.0}
nft add element t test_set {192.168.0.1}
nft list set t test_set
table ip t {
set test_set {
type ipv4_addr
flags interval
elements = { 192.168.0.0, 192.168.0.1 }
}
}
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170921/921f0d5b/attachment.html>
More information about the netfilter-buglog
mailing list