bugzilla-daemon at bugzilla.netfilter.org
2012-Apr-28 10:52 UTC
[Bug 785] New: Strange behavior
http://bugzilla.netfilter.org/show_bug.cgi?id=785
Summary: Strange behavior
Product: ipset
Version: unspecified
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: default
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: ufmufm at gmail.com
Estimated Hours: 0.0
ipset create filter hash:net,iface
ipset add filter 0.0.0.0/1,lo
ipset add filter 128.0.0.0/1,lo
ipset test filter 2.2.2.2,lo
2.2.2.2,lo is in set filter
ipset add filter 2.2.2.0/24,eth1
ipset test filter 2.2.2.2,lo
2.2.2.2,lo is NOT in set filter.
ipset list filter
Name: filter
Type: hash:net,iface
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16976
References: 0
Members:
2.2.2.0/24,eth1
128.0.0.0/1,lo
0.0.0.0/1,lo
ipset -v
ipset v6.10-genl-xta, protocol version: 96
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-May-10 10:32 UTC
[Bug 785] Strange behavior
http://bugzilla.netfilter.org/show_bug.cgi?id=785
Jozsef Kadlecsik <kadlec at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |kadlec at netfilter.org
Resolution| |INVALID
--- Comment #1 from Jozsef Kadlecsik <kadlec at netfilter.org> 2012-05-10
12:32:02 CEST ---
That is how the hash:net,iface type currently works: it stops at the first
match in the network part of the element and returns the match in the interface
part.
In your example 2.2.2.2,lo is matched by the network part of 2.2.2.0/24,eth1
but not with the interface part, so a false result is returned.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.