[Bug 1438] nft generates wrong intervals for sets with auto-merge
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sat Aug 29 01:52:16 CEST 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1438
--- Comment #1 from kfm at plushkava.net ---
I tested the given ruleset against nftables (commit c156232) and Linux 5.7.19,
including the net_set_rbtree patch mentioned in bug 1451. I changed "inet" to
"ip", just because it suits my existing ruleset. The following errors occur,
every time:
./test.nft:4:1-44: Error: Could not process rule: File exists
add element ip filter myset { 192.168.0.2 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
./test.nft:6:1-46: Error: Could not process rule: File exists
add element ip filter myset { 192.168.1.100 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I suppose that's an improvement on the behaviour that Timo is seeing, but
hardly ideal. It's clear that that there are are still issues concerning the
auto-merge functionality, as has also been stated in the 13th comment of bug
1392.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/14219d08/attachment.html>
More information about the netfilter-buglog
mailing list