Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | hash:net,iface fixed to handle overlapping nets behind different interfaces | Jozsef Kadlecsik | 2011-07-08 | 1 | -0/+33 |
If overlapping networks with different interfaces was added to the set, the type did not handle it properly. Example ipset create test hash:net,iface ipset add test 192.168.0.0/16,eth0 ipset add test 192.168.0.0/24,eth1 Now, if a packet was sent from 192.168.0.0/24,eth0, the type returned a match. In the patch the algorithm is fixed in order to correctly handle overlapping networks. Limitation: the same network cannot be stored with more than 64 different interfaces in a single set. |