[Bug 1431] flush set doesn't work as expected in script

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Jul 30 02:02:12 CEST 2020


https://bugzilla.netfilter.org/show_bug.cgi?id=1431

--- Comment #6 from Timo Sigurdsson <public_timo.s at silentcreek.de> ---
(In reply to Pablo Neira Ayuso from comment #5)
> (In reply to James Zeng from comment #0)
> > # nft list ruleset
> > table ip potato {
> >         set potato {
> >                 type ipv4_addr
> >                 flags interval
> >                 elements = { 0.0.0.0-255.255.255.255 }
> >         }
> > }
> > 
> > # cat b.nft
> > flush set ip potato potato;
> > add element ip potato potato {
> >         10.0.0.0/8
> > }
> > 
> > # nft -f b.nft
> > b.nft:3:9-18: Error: interval overlaps with an existing one
> >         10.0.0.0/8
> >                ^^^^^^^^^^
> 
> Upstream fix is available in git.
> 
> http://git.netfilter.org/nftables/commit/
> ?id=40ef308e19b6db02017a8a650406b0c6d37be750
> 
> Thanks for reporting.

Hi Pablo,

I tried this and it didn't work. Both James' and my testcases continue to fail
with the suggested fix. As mentions in my other bug, I tried this on Ubuntu
20.04 and built nftables and libnftnl from source (at commits 7c9bef0 and
330ca1c respectively) and nft now identifies as: nftables v0.9.6 (Capital Idea
#2).

Thanks and regards,

Timo

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200730/79e3f8cf/attachment-0001.html>


More information about the netfilter-buglog mailing list