[Bug 1187] New: SIGABRT: "BUG: unknown expression type prefix"

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Oct 2 05:33:34 CEST 2017 

https://bugzilla.netfilter.org/show_bug.cgi?id=1187

            Bug ID: 1187
           Summary: SIGABRT: "BUG: unknown expression type prefix"
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: All
            Status: NEW
          Severity: minor
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: alzeih at gmail.com

I'm experiencing a SIGABRT when using nft with a particular rule, when I was
expecting a parse error instead.

The rule is:
"iifname ens3 snat to 10.0.0.0/28"

Command output:
# nft -f /etc/nftables.conf

 BUG: unknown expression type prefix
 nft: netlink_linearize.c:688: netlink_gen_expr: Assertion `0' failed.
 Aborted (core dumped)

With the following ruleset file:
#!/usr/bin/nft -f
# ipv4/ipv6 Simple & Safe Firewall
# you can find examples in /usr/share/nftables/

table ip nat {
  chain input {
    type nat hook input priority 0;
    iifname ens3 snat to 10.0.0.0/28
  }
}

System information:
# uname -a
 Linux archlinux 4.13.3-1-ARCH #1 SMP PREEMPT Thu Sep 21 20:33:16 CEST 2017
x86_64 GNU/Linux
# nft --version
 nftables v0.7 (Scrooge McDuck)

stack trace (without symbols) with message above shows it's probably an
assertion failure:

                Stack trace of thread 685:
                #0  0x00007f622879a8a0 raise (libc.so.6)
                #1  0x00007f622879bf09 abort (libc.so.6)
                #2  0x00007f62287930dc __assert_fail_base (libc.so.6)
                #3  0x00007f6228793153 __assert_fail (libc.so.6)
                #4  0x000055931071e66a n/a (nft)
                #5  0x000055931071f351 n/a (nft)
                #6  0x000055931071c11d n/a (nft)
                #7  0x000055931071c264 n/a (nft)
                #8  0x000055931070c379 n/a (nft)
                #9  0x000055931070c62f n/a (nft)
                #10 0x0000559310709ea5 n/a (nft)
                #11 0x0000559310709916 n/a (nft)
                #12 0x00007f6228786f6a __libc_start_main (libc.so.6)
                #13 0x0000559310709cca n/a (nft)

This may be an entirely reasonable action for this particular rule though.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20171002/9628c6d6/attachment.html>

More information about the netfilter-buglog mailing list