[Bug 1720] New: Time-zone bug in hour-of-day parsing or display

Tue Oct 31 20:45:50 CET 2023

https://bugzilla.netfilter.org/show_bug.cgi?id=1720

            Bug ID: 1720
           Summary: Time-zone bug in hour-of-day parsing or display
           Product: nftables
           Version: 1.0.x
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: aaron.dunlop at gmail.com

Time-of-day rules overflow based on time zone.

E.g., in PDT (GMT - 7):

nft add rule test FORWARD ip saddr 192.168.2.100 meta hour "17:00-17:59” accept
nft list chain test FORWARD
...
        ip saddr 192.168.2.100 meta hour "23:28:16"-"00:27:16" accept

I've tested 1.0.2 and 1.0.8 (with OpenWrt 22.03 and 23.05)

I suspect this may be a formatting defect (display only, not affecting packet
matching), but I haven’t confirmed that yet.

Other cases noted in the discussion at
https://forum.openwrt.org/t/netfilter-time-of-day-behavior-after-17-00/176112

Related: the wiki page indicates that seconds are optional (so the example
above omits them). If I add seconds, I get:

# nft add rule test FORWARD ip saddr 192.168.2.100 meta hour
"16:00:00-16:59:59" accept
Error: syntax error, unexpected colon, expecting end of file or newline or
semicolon
add rule test FORWARD ip saddr 192.168.2.100 meta hour 16:00:00-16:59:59 accept
                                                            ^

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20231031/2ef7ff8b/attachment.html>