bugzilla-daemon at netfilter.org
2014-Feb-10 13:14 UTC
[Bug 902] New: Can not add a rule with a 'version' value as IPv4 header expression
https://bugzilla.netfilter.org/show_bug.cgi?id=902
Summary: Can not add a rule with a 'version' value as IPv4
header expression
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
ReportedBy: anarey.spam at gmail.com
Estimated Hours: 0.0
The error message shows the range of possible values for this option, but It
not possible assign these values. Then, It shows others meaningless errors
There is a reproduction of this bug here:
$ sudo nft list table ip test1
table ip test1 {
chain filter {
type filter hook input priority 0;
}
}
$ sudo nft add rule ip test1 filter ip version 4
<cmdline>:1:1-37: Error: Could not process rule: Invalid argument
add rule ip test1 filter ip version 4
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
$ sudo nft add rule ip test1 filter ip version 6
<cmdline>:1:1-37: Error: Could not process rule: Invalid argument
add rule ip test1 filter ip version 6
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
$ sudo nft add rule ip test1 filter ip version 16
<cmdline>:1:37-38: Error: Value 16 exceeds valid range 0-15
add rule ip test1 filter ip version 16
^^
$ sudo nft add rule ip test1 filter ip version 17
<cmdline>:1:37-38: Error: Value 17 exceeds valid range 0-15
add rule ip test1 filter ip version 17
^^
$ sudo nft add rule ip test1 filter ip version ip
<cmdline>:1:37-38: Error: Value 2048 exceeds valid range 0-15
add rule ip test1 filter ip version ip
^^
$ sudo nft add rule ip test1 filter ip version ip 44
<cmdline>:1:42-42: Error: syntax error, unexpected end of file
add rule ip test1 filter ip version ip 44
^
I can always reproduce this bug.
The last commit in libmnl repo is "090a842 examples: use
mnl_socket_setsockopt"
The last commit in libnftnl repo is "076fd1e include: add cached copy of
linux/kernel.h"
The last commit in nftables repo is 35f689e mnl: fix inclusion of last rule in
batch page
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Reasonably Related Threads
- [Bug 901] New: Can not add a rule with a 'hdrlength' value as IPv4 header expression
- [Bug 895] New: Add a 'ipv6_address' set into a ipv4 table and vice versa
- [Bug 896] New: You can not add the follow kinds of sets: mark, integer, string, lladdr
- [Bug 897] New: Numbers of caracter in the name of set.
- [Bug 919] New: ah: --reserver is not supported (ipv4 and ipv6)
Wisdom of the Ancients
