[Bug 1715] __netlink_gen_concat_key assertion raised by expanding set-defining variable as a component of a set key
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Wed Oct 25 12:26:19 CEST 2023
https://bugzilla.netfilter.org/show_bug.cgi?id=1715
Phil Sutter <phil at nwl.cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |phil at nwl.cc
--- Comment #3 from Phil Sutter <phil at nwl.cc> ---
Just for the record: This is neither a crash nor "dying to a signal". It's
merely an assert() call triggering because the parser constructed something the
remaining code can't handle. Effectively this is a case of missing error
handling (or insufficient parser strictness), not a bug.
I guess the given ruleset works if you pull the second concat part into the
defined variable like so:
define ext_if = { "eth0" . 22, "eth1" . 22 }
[...]
iifname .tcp dport $ext_if accept
[...]
right?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20231025/85cd2af3/attachment.html>
More information about the netfilter-buglog
mailing list