bugzilla-daemon at netfilter.org
2014-May-28 18:15 UTC
[Bug 947] New: meta protocol doesn't work with sets
https://bugzilla.netfilter.org/show_bug.cgi?id=947
Summary: meta protocol doesn't work with sets
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
ReportedBy: anarey at gmail.com
Estimated Hours: 0.0
It's impossible to add a set as a protocol parameter.
We add this rule without a menssage of error:
$ sudo nft add rule ip test input meta protocol {vlan, ip, ip6, arp}
But, Its table doesn't list any information:
$ sudo nft list table ip test
table ip test {
chain input {
}
}
It seems like a memory corruption:
==14445== Process terminating with default action of signal 11 (SIGSEGV)
==14445== Access not within mapped region at address 0x7C96F0D7
==14445== at 0x40B171: expr_evaluate (evaluate.c:1059)
==14445== by 0x40B870: expr_evaluate (evaluate.c:220)
==14445== by 0x40CE26: list_member_evaluate (evaluate.c:597)
==14445== by 0x40B318: expr_evaluate (evaluate.c:677)
==14445== by 0x40B7AE: expr_evaluate (evaluate.c:878)
==14445== by 0x40CFB7: rule_evaluate (evaluate.c:1283)
==14445== by 0x419DD5: nft_parse (parser.y:580)
==14445== by 0x405BCF: nft_run (main.c:223)
==14445== by 0x405854: main (main.c:334)
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Apparently Analagous Threads
- [Bug 834] New: nft crash when invalid meta proto is used
- [Bug 1148] New: Getting a segmentation fault for some reason
- [Bug 915] New: segfault in error case : expr_evaluate_payload not checking payload->payload.desc being null
- [Bug 1079] New: nft-0.6: segfault on add rule ip filter INPUT ip protocol igmp counter accept
- [Bug 948] New: tcp doff option crashes nft
Wisdom of the Ancients
