bugzilla-daemon at netfilter.org
2020-Aug-24 06:26 UTC
[Bug 1454] New: nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
Bug ID: 1454
Summary: nft list set omits timeout values for intervals
formatted as hyphenated ranges
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: kfm at plushkava.net
Sometimes, the list set command expresses intervals as ranges rather than in
CIDR notation. I do not understand what the criteria is for doing so, exactly.
When it happens, the attached timeout values are not reported.
Here are some demonstrations, which were carried out with nftables (commit
ca2e6e0), libnftnl (commit a4db940) and Linux 5.7.16.
# nft create table t
# nft 'add set t s { type ipv4_addr; flags interval; timeout 60s; }'
# nft add element t s { 224.0.0.0/3 }
# nft list set t s | grep -o 'elements.*'
elements = { 224.0.0.0-255.255.255.255 }
Here, the list command has not shown the timeout for the element, even though
one is attached.
# nft flush set t s
# nft add element t s { 224.0.0.0/4, 240.0.0.0/4 }
# nft list set t s | grep -o 'elements.*'
elements = { 224.0.0.0/4 expires 55s152ms, 240.0.0.0-255.255.255.255 }
Here, the list command shows two elements, with the timeout missing for one of
them.
# nft delete set t s
# nft 'add set t s { type ipv4_addr; flags interval; auto-merge; timeout
60s;
}'
# nft add element t s { 224.0.0.0/4, 240.0.0.0/4 }
# nft list set t s | grep -o 'elements.*'
elements = { 224.0.0.0-255.255.255.255 }
Here, the given elements have been correctly merged but, again, the timeout is
missing.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200824/806b1386/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-24 06:27 UTC
[Bug 1454] nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
kfm at plushkava.net changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugzilla.netfilter.
| |org/show_bug.cgi?id=1392
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200824/1c521108/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-27 03:47 UTC
[Bug 1454] nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
kfm at plushkava.net changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugzilla.netfilter.
| |org/show_bug.cgi?id=1180
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200827/5b7b2a35/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-29 00:18 UTC
[Bug 1454] nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
kfm at plushkava.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1461
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200829/5f2757cd/attachment.html>
bugzilla-daemon at netfilter.org
2020-Dec-02 19:16 UTC
[Bug 1454] nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
IIRC this is fixed by:
commit c1f0476fd59002db14172072d9f192c23deb2a1f
Author: Florian Westphal <fw at strlen.de>
Date: Thu Oct 15 16:47:21 2020 +0200
segtree: copy expr data to closing element
Could you confirm this? Thanks.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201202/e0a03146/attachment-0001.html>
bugzilla-daemon at netfilter.org
2020-Dec-03 01:36 UTC
[Bug 1454] nft list set omits timeout values for intervals formatted as hyphenated ranges
https://bugzilla.netfilter.org/show_bug.cgi?id=1454
kfm at plushkava.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #2 from kfm at plushkava.net ---
I can indeed. Version 0.9.7 works perfectly. Closing as RESOLVED.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201203/9ae6665e/attachment.html>