search for: netlink_linearize

...netlink: style fixes netlink: readability fixes netlink_delinearize: rename netlink_parse_*_sreg/dreg functions netlink_delinearize: cleanup hard to read code concat: add concat subtype lookup/id helpers netlink_delinearize: add register parsing helper function netlink_linearize: add register dumping helper function parser: properly fix handling of large integer values set: remove unused set_clone() function expr: fix crash when listing non-verdict mappings meta: don't print meta keyword for unqualified meta stmts evaluate: verify named ma...

...orted order tests/shell/run-tests.sh: print hint about testcase being executed Arturo Borrero Gonzalez (1): rule: fix printing of rule comments Carlos Falgueras Garc?a (6): src: Add command "replace" for rules rule: Use libnftnl user data TLV infrastructure netlink_linearize: do not duplicate user data when linearizing user data set_elem: Use libnftnl/udata to store set element comment parser: Consolidate comment production parser: cap comment length to 128 bytes Florian Westphal (54): tests: don't depend on set element order nft: all...

...finitions from libnftnl segtree: don't check for overlaps if set definition is empty tests: shell: cover transactions via nft -f using flat syntax datatype: time_type should send milliseconds to userspace parser_bison: restore parsing of dynamic set element updates netlink_linearize: skip NFTNL_EXPR_DYNSET_TIMEOUT attribute if timeout is unset include: cache ip_tables.h, ip6_tables.h, arp_tables.h and ebtables.h src: add xt compat support parser_bison: fix typo in symbol redefinition error reporting tests: shell: make sure split table definition works v...

...Reporter: alzeih at gmail.com I'm experiencing a SIGABRT when using nft with a particular rule, when I was expecting a parse error instead. The rule is: "iifname ens3 snat to 10.0.0.0/28" Command output: # nft -f /etc/nftables.conf BUG: unknown expression type prefix nft: netlink_linearize.c:688: netlink_gen_expr: Assertion `0' failed. Aborted (core dumped) With the following ruleset file: #!/usr/bin/nft -f # ipv4/ipv6 Simple & Safe Firewall # you can find examples in /usr/share/nftables/ table ip nat { chain input { type nat hook input priority 0; iifname ens3 s...

...tests: add test case that checks icmp6 in-ipv4 tests: nft removes required payload protocol expressions tests: enable ip/ip.t for bridge protocol, too tests: nft removes required inet dependency expressions ct: don't print newline if label bit cannot be mapped netlink_linearize: exthdr op must be u32 Harsha Sharma (4): tests: shell: add testcases for named limits tests/monitor: Print error "this requires root" and exit evaluate: print error for null string tests/py: add test for empty string match Pablo M. Bermudo Garay (1): src:...

https://bugzilla.netfilter.org/show_bug.cgi?id=1392 Bug ID: 1392 Summary: nft stalls on EGAIN upon repeatedly flushing and populating a set Product: nftables Version: unspecified Hardware: x86_64 OS: Gentoo Status: NEW Severity: normal Priority: P5 Component: nft

...s: shell: netdevice removal for inet family tests: shell: cover netns removal for netdev and inet/ingress basechains datatype: display 0s time datatype tests: shell: missing auto-merge in json output evaluate: skip byteorder conversion for selector smaller than 2 bytes netlink_linearize: add assertion to catch for buggy byteorder evaluate: permit use of host-endian constant values in set lookup keys expression: missing line in describe command with invalid expression rule: fix ASAN errors in chain priority to textual names evaluate: translate meter into dyn...

...per src: rework batching logic to fix possible use of uninitialized pages main: propagate error to shell mnl: introduce NFT_NLMSG_MAXSIZE mnl: fix crashes when using sets with many elements src: add level option to the log statement src: don't return error in netlink_linearize_rule() include: refresh include/linux/nf_tables.h cached copy log: netlink_linearize: don't set level if user didn't specify src: fix 'describe' command when passing wrong expressions mnl: consistency checks across several netlink dumps mnl: use nft_bat...

...parser: prohibit redefinitions of symbols and verify existance on use files: add inet filter table definition cmd: initialize cmd list and use list_splice_tail() for adding to command list netlink: add netlink specific location eval: use list_splice_tail() properly netlink_linearize: fix flagcmp op Merge branch 'next-3.14' of git.netfilter.org:nftables into next-3.14 evaluate: use flagcmp for single RHS bitmask expression binop: take care of operator precedence when printing binop arguments netlink_delinarize: convert *all* bitmask values into i...

...a: * https://bugzilla.netfilter.org Make sure you create no duplicates already, thanks! Happy firewalling! -------------- next part -------------- Anatole Denis (2): scanner: fix search_in_include_path test erec: Fix input descriptors for included files Anders K. Pedersen (1): netlink_linearize: skip set element expression in set statement key Arturo Borrero Gonzalez (5): payload: explicit network ctx assignment for icmp/icmp6 in special families expression: print sets and maps in pretty format evaluate: avoid reference to multiple src data in statements which set value...