diff options
author | Phil Sutter <phil@nwl.cc> | 2020-01-13 14:53:24 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-01-13 16:55:37 +0100 |
commit | ddbacd70d061eb1b6808f501969809bfb5d03001 (patch) | |
tree | bab9f7925906890439edf1bc8329b429d7080954 /include/rule.h | |
parent | eb5034108cdc60341b2d61599077db935b6bbc4f (diff) |
monitor: Fix output for ranges in anonymous sets
Previous fix for named interval sets was simply wrong: Instead of
limiting decomposing to anonymous interval sets, it effectively disabled
it entirely.
Since code needs to check for both interval and anonymous bits
separately, introduce set_is_interval() helper to keep the code
readable.
Also extend test case to assert ranges in anonymous sets are correctly
printed by echo or monitor modes. Without this fix, range boundaries are
printed as individual set elements.
Fixes: 5d57fa3e99bb9 ("monitor: Do not decompose non-anonymous sets")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/rule.h')
-rw-r--r-- | include/rule.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/rule.h b/include/rule.h index 6301fe35..d5b31765 100644 --- a/include/rule.h +++ b/include/rule.h @@ -363,6 +363,11 @@ static inline bool set_is_meter(uint32_t set_flags) return set_is_anonymous(set_flags) && (set_flags & NFT_SET_EVAL); } +static inline bool set_is_interval(uint32_t set_flags) +{ + return set_flags & NFT_SET_INTERVAL; +} + #include <statement.h> struct counter { |