netfilter buglog - Feb 2014 - [Bug 896] New: You can not add the follow kinds of sets: mark, integer, string, lladdr

https://bugzilla.netfilter.org/show_bug.cgi?id=896

           Summary: You can not add the follow kinds of sets: mark,
                    integer, string, lladdr
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: Debian GNU/Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
        AssignedTo: pablo at netfilter.org
        ReportedBy: anarey.spam at gmail.com
   Estimated Hours: 0.0


Tt's impossible add these specific kinds of sets: mark, integer, string,
lladdr. Only you can add ipv4_address, ipv6_address (bug
https://bugzilla.netfilter.org/show_bug.cgi?id=895) and inet_service set.


 (tests) $ sudo nft add set ip t-ip2 set-mark { type mark\;}
<cmdline>:1:34-37: Error: syntax error, unexpected mark, expecting string
add set ip t-ip2 set-mark { type mark;}
                                 ^^^^
 (tests) $ sudo nft add set ip t-ip2 set-integer { type integer\;}
<cmdline>:0:30-44: Error: unqualified key data type specified in set
definition
add set ip t-ip2 set-integer { type integer;}
                             ^^^^^^^^^^^^^^^
 (tests) $ sudo nft add set ip t-ip2 set-string { type string\;}
<cmdline>:0:29-42: Error: unqualified key data type specified in set
definition
add set ip t-ip2 set-string { type string;}
                            ^^^^^^^^^^^^^^
 (tests) $ sudo nft add set ip t-ip2 set-lladdr { type lladdr\;}
<cmdline>:0:29-42: Error: unqualified key data type specified in set
definition
add set ip t-ip2 set-lladdr { type lladdr;}
                            ^^^^^^^^^^^^^^
$ sudo nft list table ip t-ip2
table ip t-ip2 {
    set set-ip {
        type ipv4_address
    }

    set set-inetser {
        type inet_service
    }

    chain c-filter {
         type filter hook input priority 0;
    }
}

I can always reproduce this bug.

The last commit in libmnl repo is "090a842 examples: use
mnl_socket_setsockopt"
The last commit in libnftnl repo is "076fd1e include: add cached copy of
linux/kernel.h"
The last commit in nftables repo is 11ba325 bump release number to 0.100

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

https://bugzilla.netfilter.org/show_bug.cgi?id=896

vertago1 at hotmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |vertago1 at hotmail.com

--- Comment #1 from vertago1 at hotmail.com 2014-07-26 05:12:29 CEST ---
I don't believe ll_addr was meant to be used in sets. Use ether_addr
instead. I
don't know about the other types.

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

https://bugzilla.netfilter.org/show_bug.cgi?id=896

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> ---
mark also works.

String and integer datatypes have no specific length.

It would be good to recover the typeof(selector) idea, eg. typeof(ip saddr) so
we can infer this from the selector, then store what selector has been used in
the typeof() definition in the set userdata area.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160630/c527dd86/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=896

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #3 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Support for typeof is available since:

commit 92d90e56bd7df6f82ed2c71b781b8e8a189b9413
Author: Florian Westphal <fw at strlen.de>
Date:   Sat Feb 22 22:02:49 2020 +0100

    expressions: concat: add typeof suppor

Closing. Thanks for reporting.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200729/c8c3ac43/attachment.html>