[Bug 1222] nft list ruleset – infinite memory use

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Tue Jul 16 18:02:35 CEST 2019


Florian Westphal <fw at strlen.de> changed:

           What    |Removed                     |Added
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED
                 CC|                            |fw at strlen.de

--- Comment #4 from Florian Westphal <fw at strlen.de> ---
(In reply to grawity from comment #0)
> When this specific rule is inserted, trying to view it using `nft list
> ruleset` causes the nft client to start allocating infinite amounts of RAM:
> ---
> table inet filter {
> 	chain input {
> 		ct original ip daddr {} accept
> 	}
> }

This is now fixed in nftables git master via


You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190716/11331bc5/attachment.html>

More information about the netfilter-buglog mailing list