diff options
author | Phil Sutter <phil@nwl.cc> | 2019-11-21 11:41:24 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-12-02 19:25:22 +0100 |
commit | dd44081d91ceaead0a9730f1ab5c8041a4d905e2 (patch) | |
tree | d813dff15e184d52444e192c27195e6d129292ef /src | |
parent | 7e326d697ecf43ea029de5584e59701eb61ca87e (diff) |
segtree: Fix add and delete of element in same batch
The commit this fixes accidentally broke a rather exotic use-case which
is but used in set-simple.t of tests/monitor:
| # nft 'add element t s { 22-25 }; delete element t s { 22-25 }'
Since ranges are now checked for existence in userspace before delete
command is submitted to kernel, the second command above was rejected
because the range in question wasn't present in cache yet. Fix this by
adding new interval set elements to cache after creating the batch job
for them.
Fixes: decc12ec2dc31 ("segtree: Check ranges when deleting elements")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/rule.c | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -1511,6 +1511,14 @@ static int __do_add_setelems(struct netlink_ctx *ctx, struct set *set, if (mnl_nft_setelem_add(ctx, set, expr, flags) < 0) return -1; + if (set->init != NULL && + set->flags & NFT_SET_INTERVAL) { + interval_map_decompose(expr); + list_splice_tail_init(&expr->expressions, &set->init->expressions); + set->init->size += expr->size; + expr->size = 0; + } + return 0; } |