diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-06-18 16:19:28 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-06-19 19:40:39 +0200 |
commit | ca4096bf271999e0ce23d0aed83291c50c789239 (patch) | |
tree | 2ce380cb2f9e2a1fd35b3799abd94af5beda762b /tests/shell/testcases/transactions/0024rule_0 | |
parent | caf7db2cb8bac4981908c1d1917481f64a1046ff (diff) |
evaluate: do not allow to list/flush anonymous sets via list command
Don't allow this:
# nft list set x __set0
table ip x {
set __set0 {
type ipv4_addr
flags constant
elements = { 1.1.1.1 }
}
}
Constant sets never change and they are attached to a rule (anonymous
flag is set on), do not list their content through this command. Do not
allow flush operation either.
After this patch:
# nft list set x __set0
Error: No such file or directory
list set x __set0
^^^^^^
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/transactions/0024rule_0')
0 files changed, 0 insertions, 0 deletions