[Bug 1145] nft 0.7: expression.c:966: range_expr_value_low: Assertion '0' failed.

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed Jun 7 21:36:48 CEST 2017


https://bugzilla.netfilter.org/show_bug.cgi?id=1145

--- Comment #2 from Ian Kumlien <ian.kumlien at gmail.com> ---
Ok, so doing:
define generic_ports = { <list of generic ports }
define tcp_ports = { <tcp specific ports>, $generic_ports }

Will never work - it will cause the error shown in the bugreport.

But also:
       map protocol_to_rule {
               type inet_proto : verdict
               elements = {
                       udp: jump udp_rule,
                       tcp: jump tcp_rule,
                       icmp: jump icmp_rule
               }
       }
---

Doesn't work if i want to access it - even if the structure is the same as
something like:
https://wiki.nftables.org/wiki-nftables/index.php/Maps

using nft list table <table> gives you the same result - no reason why it
shouldn't work and the error message makes no sense.

Also, since that doesn't work, i now have multiple instances of:
                ip protocol vmap {
                        tcp: jump tcp_reject_rule,
                        udp: jump udp_reject_rule
                }
                ip6 nexthdr vmap {
                        tcp: jump tcp_reject_rule,
                        udp: jump udp_reject_rule
                }
---

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170607/e118d43e/attachment.html>


More information about the netfilter-buglog mailing list