diff options
author | Florian Westphal <fw@strlen.de> | 2021-09-28 21:34:30 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-09-29 18:31:34 +0200 |
commit | ef6cd93ecb8413c9bfea547783207c39b84fc682 (patch) | |
tree | a990a709ee5b59a6fd79098a9448ea429b249fdf /tests/shell | |
parent | 8a9762dbf15433b6dc361ec03cb3d6f0db652a85 (diff) |
netlink: dynset: set compound expr dtype based on set key definition
"nft add rule ... add @t { ip saddr . 22 ..." will be listed as
'ip saddr . 0x16 [ invalid type]".
This is a display bug, the compound expression created during netlink
deserialization lacks correct datatypes for the value expression.
Avoid this by setting the individual expressions' datatype.
The set key has the needed information, so walk over the types and set
them in the dynset statment.
Also add a test case.
Reported-by: Paulo Ricardo Bruck <paulobruck1@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/sets/0045concat_ipv4_service | 16 | ||||
-rw-r--r-- | tests/shell/testcases/sets/dumps/0045concat_ipv4_service.nft | 12 |
2 files changed, 28 insertions, 0 deletions
diff --git a/tests/shell/testcases/sets/0045concat_ipv4_service b/tests/shell/testcases/sets/0045concat_ipv4_service new file mode 100755 index 00000000..5b40f973 --- /dev/null +++ b/tests/shell/testcases/sets/0045concat_ipv4_service @@ -0,0 +1,16 @@ +#!/bin/bash + +$NFT -f - <<EOF +table inet t { + set s { + type ipv4_addr . inet_service + size 65536 + flags dynamic,timeout + elements = { 192.168.7.1 . 22 } + } + + chain c { + tcp dport 21 add @s { ip saddr . 22 timeout 60s } + } +} +EOF diff --git a/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.nft b/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.nft new file mode 100644 index 00000000..e548a17a --- /dev/null +++ b/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.nft @@ -0,0 +1,12 @@ +table inet t { + set s { + type ipv4_addr . inet_service + size 65536 + flags dynamic,timeout + elements = { 192.168.7.1 . 22 } + } + + chain c { + tcp dport 21 add @s { ip saddr . 22 timeout 1m } + } +} |