Displaying 20 results from an estimated 35 matches for "libnftabl".
Did you mean:
libnftables
2024 Sep 03
1
[Bug 1772] New: Double free corruption in libnftables
https://bugzilla.netfilter.org/show_bug.cgi?id=1772
Bug ID: 1772
Summary: Double free corruption in libnftables
Product: nftables
Version: 1.0.x
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: nellexplorer at gmail.com...
2018 Jan 16
0
[ANNOUNCE] nftables 0.8.1 release
...er_bison: no need for 'name' token for meters
include: refresh nf_tables.h cached copy
build: Bump version to v0.8.1
Phil Sutter (19):
netlink: Use nftnl_expr_fprintf() in netlink_dump_expr()
main: Fix for wrong argument passed to cache_release in nft_ctx_free
libnftables: Move library stuff out of main.c
libnftables: Introduce nft_ctx_flush_cache()
cli: Use nft_run_cmd_from_buffer()
libnftables: Introduce getters and setters for everything
libnftables: Get rid of explicit cache flushes
libnftables: Flush iface cache after command exe...
2020 Feb 04
2
[Bug 1405] New: Possible a bug in n libnftables deserializer. [invalid type]
https://bugzilla.netfilter.org/show_bug.cgi?id=1405
Bug ID: 1405
Summary: Possible a bug in n libnftables deserializer. [invalid
type]
Product: libnftnl
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: libnftnl
Assignee: pablo at netfi...
2023 Oct 17
1
[Bug 1714] New: Stack smash: libnftables does not enforce string length limits for log prefixes
https://bugzilla.netfilter.org/show_bug.cgi?id=1714
Bug ID: 1714
Summary: Stack smash: libnftables does not enforce string
length limits for log prefixes
Product: nftables
Version: 1.0.x
Hardware: x86_64
OS: RedHat Linux
Status: NEW
Severity: major
Priority: P5
Component: nft...
2019 Aug 27
2
[Bug 1361] New: nft segfault on overlapping intervals
...: not-omega
Storage:
/var/lib/systemd/coredump/core.nft.0.d7a30c4dec804cd08fbd79e513dfbc16.8941.1563943033000000.lz4
Message: Process 8941 (nft) of user 0 dumped core.
Stack trace of thread 8941:
#0 0x00007f1d5d9fb39b set_to_intervals (libnftables.so.1)
#1 0x00007f1d5d9dcd2f n/a (libnftables.so.1)
#2 0x00007f1d5d9df2c7 do_command (libnftables.so.1)
#3 0x00007f1d5da02320 n/a (libnftables.so.1)
#4 0x00007f1d5da02cdc nft_run_cmd_from_filename
(libnftables.so.1...
2018 Nov 15
4
[Bug 1297] New: Replacement for nft export vm json?
...Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: anthonyryan1 at gmail.com
It seems in 1.1.2, support for exporting json was removed.
The commit messages reference better support in libnftables but nft 0.9.0 isn't
taking advantage of that because `nft export vm json` is outputting broken json
with a success code.
I'd like to know what the current recommended approach for getting a
future-proof representation of the current firewall state is? I've got a python
application th...
2014 Apr 17
0
[ANNOUNCE] libnftnl 1.0.1 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.0.1
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This
library is currently used by the nft command line tool.
This release comes with new features available in 3.14 and fixes.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfil...
2019 Jul 10
6
[Bug 1351] New: Segfault in v0.9.1
...0007ffff7f10255 in cmd_evaluate_add (ctx=0x7fffffffe970,
cmd=0x555555593050) at evaluate.c:3496
#8 0x00007ffff7f1140d in cmd_evaluate (ctx=0x7fffffffe970, cmd=0x555555593050)
at evaluate.c:3957
#9 0x00007ffff7f335a2 in nft_evaluate (nft=0x55555555ba20,
msgs=0x7fffffffeb00, cmds=0x7fffffffeb10) at libnftables.c:396
#10 0x00007ffff7f339d8 in nft_run_cmd_from_filename (nft=0x55555555ba20,
filename=0x7fffffffeea2 "/etc/nftables/nftables.conf") at libnftables.c:479
#11 0x00005555555567a2 in main (argc=3, argv=0x7fffffffec78) at main.c:310
(gdb) info r rdi
rdi 0x555555562f40 9382...
2020 Jul 19
3
[Bug 1444] New: nftables-0.9.6 crashes on some set notations:
...289 in do_command_list (ctx=0x7fff2a98d110,
cmd=0x55637f6ec290) at rule.c:2527
#14 0x00007f30cec32bc4 in do_command (ctx=0x7fff2a98d110, cmd=0x55637f6ec290)
at rule.c:2753
#15 0x00007f30cec6faf5 in nft_netlink (nft=0x55637f6e52a0, cmds=0x7fff2a98d1c0,
msgs=0x7fff2a98d1b0, nf_sock=0x55637f6e5f30) at libnftables.c:42
#16 0x00007f30cec70c81 in nft_run_cmd_from_filename (nft=0x55637f6e52a0,
filename=0x7fff2a98eb59 "a.nft") at libnftables.c:512
#17 0x000055637e892f41 in main (argc=4, argv=0x7fff2a98d348) at main.c:459
--
You are receiving this mail because:
You are watching all bug changes.
----...
2019 Sep 15
3
[Bug 1365] New: nft crashes in chain_print_declaration()
..../nftables/src/rule.c:2330
#8 0x00007fc1b9afef56 in do_command (ctx=0x7ffc919cdfe0, cmd=0x561fc75ec500)
at ../../../nftables/src/rule.c:2572
#9 0x00007fc1b9b363e2 in nft_netlink (nft=0x561fc75eb2a0, cmds=0x7ffc919ce090,
msgs=0x7ffc919ce080,
nf_sock=0x561fc75ebc30) at ../../../nftables/src/libnftables.c:42
#10 0x00007fc1b9b3754a in nft_run_cmd_from_filename (nft=0x561fc75eb2a0,
filename=0x7ffc919cecff "./nft.ruleset") at
../../../nftables/src/libnftables.c:508
#11 0x0000561fc5f6e70e in main (argc=4, argv=0x7ffc919ce1f8) at
../../../nftables/src/main.c:328
valgrind says it's...
2013 Oct 24
5
[Bug 868] New: Null pointer segfault in netlink code
...blo at netfilter.org
ReportedBy: john at sager.me.uk
Estimated Hours: 0.0
In returning set information, the kernel omits the FLAGS attribute if it is
zero (nf_tables_fill_set() in nf_tables_api.c). Consequently, calls to
nft_set_attr_get_u32() in netlink.c fail because that routine (in libnftables)
dereferences a null pointer returned by nft_set_attr_get(). I fixed it in nft
by calling nft_set_attr_is_set() to test for the attribute's existence. It
could also be fixed in the kernel by unconditionally sending the FLAGS
attribute even if it is zero. Also it might be worth putting some mo...
2018 Feb 18
5
[Bug 1228] New: [REGRESSION] nft cannot load big set anymore
...dcab0,
excl=excl at entry=false) at rule.c:1054
#7 0x00005600a1c967a7 in do_command (ctx=ctx at entry=0x7fff364093e0,
cmd=cmd at entry=0x5600a2fdcab0) at rule.c:1805
#8 0x00005600a1c810e5 in nft_netlink (nf_sock=0x5600a2fdbb50,
msgs=0x7fff36409490, state=0x7fff364094a0, nft=0x5600a2fdba20)
at libnftables.c:47
#9 nft_run (nft=nft at entry=0x5600a2fdba20, nf_sock=0x5600a2fdbb50,
scanner=scanner at entry=0x5600a2fdbb90,
state=state at entry=0x7fff364094a0, msgs=msgs at entry=0x7fff36409490) at
libnftables.c:95
#10 0x00005600a1c817dc in nft_run_cmd_from_filename (nft=0x5600a2fdba20,
filename=0x...
2019 Aug 19
1
[ANNOUNCE] libnftnl 1.1.4 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.1.4
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This
library is currently used by nftables.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfilter.org/pub/libnftnl/
Happy firewalling.
-------------- next part --------------
B...
2015 Sep 16
1
[ANNOUNCE] libnftnl 1.0.4 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.0.4
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This
library is currently used by the nft command line tool.
This release comes with new features available up to 4.2, see
ChangeLog for more details.
In this release, we have renamed most of the library symbols to use
the nftnl_ prefix while keeping aliases to the old ones. We would like
to r...
2024 Jul 16
0
[ANNOUNCE] nftables 1.1.0 release
...e
tests: shell: add regression test for double-free crash bug
tests: meta_time: fix dump validation failure
tests: packetpath: add check for drop policy
rule: do not crash if to-be-printed flowtable lacks priority
tests: shell: add test case for reset tcp warning
libnftables: fix crash when freeing non-malloc'd address
tests: shell: add more ruleset validation test cases
tests: shell: test jump to basechain is rejected, even if there is no loop
tests: shell: connect chains to hook point
Jeremy Sowden (3):
tests: shell: packetpath/flowtabl...
2020 Apr 09
5
[Bug 1418] New: segfaults when running nft --file foo.nft --echo
...k (ctx=ctx at entry=0x7fffffffdf70,
err_list=err_list at entry=0x7fffffffdf60, num_cmds=num_cmds at entry=161) at
mnl.c:433
#18 0x000055555556b6c5 in nft_netlink (nft=nft at entry=0x55555560c2a0,
cmds=cmds at entry=0x7fffffffe010, msgs=msgs at entry=0x7fffffffe000,
nf_sock=<optimized out>) at libnftables.c:57
#19 0x000055555556bfa8 in nft_run_cmd_from_filename (nft=0x55555560c2a0,
filename=0x7fffffffe4ad "/etc/nftables/init.nft") at libnftables.c:508
#20 0x000055555556acb9 in main (argc=<optimized out>, argv=0x7fffffffe1c8) at
main.c:455
When it is adding the rules and echoing, t...
2017 Oct 12
0
[ANNOUNCE] libnftnl 1.0.8 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.0.8
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This library
is currently used by the nft command line tool.
This release includes incremental updates to support new kernel
features and bug fixes.
You can download this library from:
http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfilter.org/pub/libnftnl/
Thanks!
---...
2018 Jan 02
0
[ANNOUNCE] libnftnl 1.0.9 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.0.9
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This library
is currently used by the nft command line tool.
This release includes mostly bug fixes plus one new
nftnl_expr_fprintf() function.
You can download this library from:
http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfilter.org/pub/libnftnl/
Thanks!
--------...
2018 Feb 02
0
[ANNOUNCE] nftables 0.8.2 release
...Pablo Neira Ayuso (4):
Revert ("src: Remove xt_stmt_() functions").
src: add 'auto-merge' option to sets
netlink_delinearize: add assertion to prevent infinite loop
build: Bump version to v0.8.2
Phil Sutter (4):
build: Eliminate forgotten traces of libnftables exporting
configure: Fix help text regarding --enable-debug
configure: Allow to disable man page building
tests/shell: Add back named_interval_automerging_0
Shyam Saini (2):
src: Add import command for low level json
tests: shell: Add tests for low level json import...
2019 May 27
0
[ANNOUNCE] libnftnl 1.1.3 release
Hi!
The Netfilter project proudly presents:
libnftnl 1.1.3
libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This
library is currently used by nftables.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfilter.org/pub/libnftnl/
Happy firewalling.
-------------- next part --------------...