Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | tests: add test case for removal of anon sets with only a single element | Florian Westphal | 2021-06-07 | 1 | -1/+1 |
| | | | | | | | | | | | | | Also add a few examples that should not be changed: - anon set with 2 elements - anon map with 1 element - anon set with a concatenation The latter could be done with cmp but this currently triggers 'Error: Use concatenations with sets and maps, not singleton values' after removing the anon set. Signed-off-by: Florian Westphal <fw@strlen.de> | ||||
* | evaluate: remove table from cache on delete table | Pablo Neira Ayuso | 2020-07-29 | 1 | -0/+6 |
The following ruleset crashes nft if loaded twice, via nft -ef: add table inet filter delete table inet filter table inet filter { chain input { type filter hook input priority filter; policy drop; iifname { "eth0" } counter accept } } If the table contains anonymous sets, such as __set0, then delete + add table might result in nft reusing the existing stale __set0 in the cache. The problem is that nft gets confused and it reuses the existing stale __set0 instead of the new anonymous set __set0 with the same name. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |