From 6fa394d59d91e6cfa3c107128ad1f7d6a6d70257 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Fri, 13 Mar 2015 21:18:58 +0100
Subject: Fix cidr handling for hash:*net* types

Commit 092d67cda9ad4 broke the cidr handling for the hash:*net* types
when the sets were used by the SET target: entries with invalid cidr
values were added to the sets. Reported by Jonathan Johnson.

Testsuite entry is added to verify the fix.
---
 tests/match_target.t | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'tests/match_target.t')

diff --git a/tests/match_target.t b/tests/match_target.t
index 1739fae..02a0ea3 100644
--- a/tests/match_target.t
+++ b/tests/match_target.t
@@ -88,4 +88,20 @@
 0 ./check_klog.sh 10.255.255.64 udp 1025 mark
 # Destroy sets and rules
 0 ./iptables.sh inet stop
+# Create test set and iptables rules
+0 ./iptables.sh inet add
+# Send probe packet from 10.255.255.64,udp:1025
+0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1
+# Check that 10.255.255.64 is added to the set
+0 ipset t test 10.255.255.64
+# Flush set
+0 ipset f test
+# Add a /24 network to the set
+0 ipset a test 1.1.1.0/24
+# Send probe packet from 10.255.255.64,udp:1025 again
+0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1
+# Check that 10.255.255.0/24 is added to the set
+0 ipset t test 10.255.255.0/24
+# Destroy sets and rules
+0 ./iptables.sh inet stop
 # eof
-- 
cgit v1.2.3