[Bug 1120] New: nf_tables_check_loops error on adding element to vmap
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Feb 9 12:12:09 CET 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1120
Bug ID: 1120
Summary: nf_tables_check_loops error on adding element to vmap
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: trivial
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
Reporter: c.marquis at viapass.com
Created attachment 493
--> https://bugzilla.netfilter.org/attachment.cgi?id=493&action=edit
Kernel Logs
Dear NetFilter team,
I'm facing an strange issue, and I had no idea where to put the information so
I came here
I've a simple configuration, like this :
table ip filter {
map ok {
type mark : verdict
elements = { 0x00000001 : jump group_1, 0x00000002 : jump
group_2}
}
chain group_1 {
limit rate 100 kbytes/second counter accept
counter drop
}
chain group_2 {
limit rate 200 kbytes/second counter accept
counter drop
}
chain group_3 {
limit rate 300 kbytes/second counter accept
counter drop
}
chain forward {
type filter hook forward priority 0; policy accept;
counter
ct mark vmap @ok
}
}
(loaded by nft -f)
As you can see the map "ok" is already and perfectly populated with a few
values, working just fine
now if I add a new element after that, with:
-> nft add element filter ok {3: jump group_3}
Then the kernel crash occurs, I'm attaching the logs here
Any information on this would be greatly appreciated
Thanks in advance, and really nice job around this new nftables flexibility,
King Regards,
Cedric
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170209/980c1981/attachment.html>
More information about the netfilter-buglog
mailing list