bugzilla-daemon at netfilter.org
2024-Jan-29 17:38 UTC
[Bug 1734] New: nft set with auto-merge json import/export
https://bugzilla.netfilter.org/show_bug.cgi?id=1734
Bug ID: 1734
Summary: nft set with auto-merge json import/export
Product: nftables
Version: 1.0.x
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: apex at xepa.nl
Hi there,
I would like to report a bug with the nft ecosystem pertaining to the
auto-merge setting during the export / import in the JSON format for a set.
Example:
# nft 'add set inet filter myset { type ipv4_addr; flags interval;
auto-merge
}'
# nft 'list set inet filter myset'
table inet filter {
set myset {
type ipv4_addr
flags interval
auto-merge
}
}
# nft --json 'list set inet filter myset' | jq '.nftables[1]'
{
"set": {
"family": "inet",
"name": "myset",
"table": "filter",
"type": "ipv4_addr",
"handle": 2,
"flags": [
"interval"
]
}
}
// export all in json format
# nft --json 'list set inet filter myset' > ./myset.json
// delete myset
# nft 'delete set inet filter myset'
// show it
# nft 'list set inet filter myset'
Error: No such file or directory
list set inet filter myset
// import set again
# nft --json --file ./myset.json
// list set again
# nft 'list set inet filter myset'
table inet filter {
set myset {
type ipv4_addr
flags interval
elements = { 192.168.0.0/24 }
}
}
Notice that the auto-merge setting is gone.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240129/835ea137/attachment.html>
bugzilla-daemon at netfilter.org
2024-Jan-31 16:42 UTC
[Bug 1734] nft set with auto-merge json import/export
https://bugzilla.netfilter.org/show_bug.cgi?id=1734
Phil Sutter <phil at nwl.cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |phil at nwl.cc
--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
Thanks for the report! Fix submitted upstream:
http://patchwork.ozlabs.org/project/netfilter-devel/patch/20240131164120.5208-1-phil
at nwl.cc/
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240131/5fc56d4a/attachment.html>
bugzilla-daemon at netfilter.org
2024-Jan-31 17:05 UTC
[Bug 1734] nft set with auto-merge json import/export
https://bugzilla.netfilter.org/show_bug.cgi?id=1734
Phil Sutter <phil at nwl.cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #2 from Phil Sutter <phil at nwl.cc> ---
Patch applied.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240131/b563f91b/attachment.html>
Reasonably Related Threads
- [Bug 1449] New: nft ipv4 set with interval issue
- [Bug 1438] New: nft generates wrong intervals for sets with auto-merge
- [Bug 1732] New: nft list chain does not return correct info on RHEL 8
- [Bug 1735] New: Adding nftables interval sets progressively gets slower and makes the nft CLI less responsive with each added set
- [Bug 1733] New: prefix len in a set of ips is wrong in a rule