bugzilla-daemon at netfilter.org
2024-Jul-20 07:42 UTC
[Bug 1762] New: coredump in --optimize
https://bugzilla.netfilter.org/show_bug.cgi?id=1762 Bug ID: 1762 Summary: coredump in --optimize Product: nftables Version: git (please specify your HEAD) Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter: pgnd at dev-mail.net #!/usr/sbin/nft -f define wan = "eth0" define lan = "eth1" define vpn = "tun0" define server = "10.10.10.1" table nat { chain prerouting { type nat hook prerouting priority -100; policy accept; iifname $wan tcp dport 10000 dnat to $server:10000; } chain postrouting { type nat hook postrouting priority 100; policy accept; oifname $vpn masquerade oifname $wan masquerade } } checks ok, no error nft -c -f tmp.nft (empty) but optimize fails nft: optimize.c:486: rule_build_stmt_matrix_stmts: Assertion `k >= 0' failed. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240720/dc3b561e/attachment.html>
https://bugzilla.netfilter.org/show_bug.cgi?id=1762 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> --- https://patchwork.ozlabs.org/project/netfilter-devel/patch/20240718161703.27613-1-pablo at netfilter.org/ -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240720/8d5579fa/attachment.html>
https://bugzilla.netfilter.org/show_bug.cgi?id=1762 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|ASSIGNED |RESOLVED --- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> --- https://git.netfilter.org/nftables/commit/?id=bc1f910f502701f1a1d28c7bd723e4be3bac1d8c -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240724/f85cb945/attachment.html>
Maybe Matching Threads
- [Bug 1360] New: BUG: invalid expression type concat on invalid input "iifname . oifname p . q"
- [Bug 1303] New: nft improperly merges intervals
- [Bug 1117] New: Table ipv4-nat prerouting dnat doesn't accept dest IP:PORT
- [Bug 1263] New: Device or resource busy on nat loading.
- [Bug 1290] New: ptables: nftables layer breaks ipsec/policy keyword