diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-12-13 01:34:15 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-12-13 01:34:15 +0100 |
commit | cd326af6d46b725c99fa8017a294c51876e486f7 (patch) | |
tree | fd832715d88ff62763aa71da22937a9b21390d70 /src | |
parent | 043a272e887f17290efb4b5eda1f7b01b6bb2340 (diff) |
segtree: don't trigger error on exact overlaps
So adding the same element doesn't trigger any error:
# nft add element filter bogons { 3.3.3.123/24 }
# nft add element filter bogons { 3.3.3.123/24 }
Still kernel reports an error if we use create instead:
# nft create element filter bogons { 3.3.3.123/24 }
<cmdline>:1:1-46: Error: Could not process rule: File exists
create element filter bogons { 3.3.3.123/24 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/segtree.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/segtree.c b/src/segtree.c index 45e5f5b2..5b6cdd1d 100644 --- a/src/segtree.c +++ b/src/segtree.c @@ -336,6 +336,10 @@ static unsigned int expr_to_intervals(const struct expr *set, static bool interval_overlap(const struct elementary_interval *e1, const struct elementary_interval *e2) { + if (mpz_cmp(e1->left, e2->left) == 0 && + mpz_cmp(e1->right, e2->right) == 0) + return false; + return (mpz_cmp(e1->left, e2->left) >= 0 && mpz_cmp(e1->left, e2->right) <= 0) || (mpz_cmp(e1->right, e2->left) >= 0 && |