bugzilla-daemon at netfilter.org
2018-Jan-30 10:17 UTC
[Bug 1219] New: nftables prints the routing header type rules incorrectly
https://bugzilla.netfilter.org/show_bug.cgi?id=1219 Bug ID: 1219 Summary: nftables prints the routing header type rules incorrectly Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter: amsalam20 at gmail.com While I was using nftables to add rules to routing header type 0, I found that nft list ruleset command prints them incorrectly. The configuration I was using is shown bellow nft add table ip6 filter nft add chain ip6 filter input { type filter hook input priority 0\;} nft add rule ip6 filter input rt0 addr [1]A::2 nft list ruleset table ip6 filter { chain input { type filter hook input priority 0; policy accept; hbh unknown 0xa0000000000000000000000000002 [invalid type] } } I'm quite to nftables implementation, but after some walkthrough the code I think the problem might be as follows: - when we the struct exthdr_desc for rt0[1], we don't set the type value. - Then allocation function (exthdr_expr_alloc) allocates an HBH header template since the type value is 0. Folks who are more familiar with nftables implementation may have a better explanation so we can find a fix for the this BUG [1]http://git.netfilter.org/nftables/tree/src/exthdr.c#n248 -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180130/2edcae70/attachment.html>
Reasonably Related Threads
- [Bridge] [PATCH net-next 09/16] selftests: forwarding: Move IGMP- and MLD-related functions to lib
- [ANNOUNCE] nftables 0.8 release
- [ANNOUNCE] nftables 0.6 release
- [Bridge] [PATCH net-next 15/16] selftests: forwarding: lib: Add helpers to build IGMP/MLD leave packets
- Re: SSH from host to domain using hostname