From 7c09c94b10b6a01c3eb56419f7fb808154a25290 Mon Sep 17 00:00:00 2001 From: Packit Date: Aug 20 2020 13:31:34 +0000 Subject: Apply patch 0003-monitor-Do-not-decompose-non-anonymous-sets.patch patch_name: 0003-monitor-Do-not-decompose-non-anonymous-sets.patch location_in_specfile: 3 present_in_specfile: true --- diff --git a/src/monitor.c b/src/monitor.c index ea0393c..0da9858 100644 --- a/src/monitor.c +++ b/src/monitor.c @@ -500,7 +500,7 @@ static int netlink_events_obj_cb(const struct nlmsghdr *nlh, int type, static void rule_map_decompose_cb(struct set *s, void *data) { - if (s->flags & NFT_SET_INTERVAL) + if (s->flags & (NFT_SET_INTERVAL & NFT_SET_ANONYMOUS)) interval_map_decompose(s->init); } diff --git a/tests/monitor/testcases/set-interval.t b/tests/monitor/testcases/set-interval.t new file mode 100644 index 0000000..59930c5 --- /dev/null +++ b/tests/monitor/testcases/set-interval.t @@ -0,0 +1,20 @@ +# setup first +I add table ip t +I add chain ip t c +O - +J {"add": {"table": {"family": "ip", "name": "t", "handle": 0}}} +J {"add": {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}} + +# add set with elements, monitor output expectedly differs +I add set ip t s { type inet_service; flags interval; elements = { 20, 30-40 }; } +O add set ip t s { type inet_service; flags interval; } +O add element ip t s { 20 } +O add element ip t s { 30-40 } +J {"add": {"set": {"family": "ip", "name": "s", "table": "t", "type": "inet_service", "handle": 0, "flags": ["interval"]}}} +J {"add": {"element": {"family": "ip", "table": "t", "name": "s", "elem": {"set": [20]}}}} +J {"add": {"element": {"family": "ip", "table": "t", "name": "s", "elem": {"set": [{"range": [30, 40]}]}}}} + +# this would crash nft +I add rule ip t c tcp dport @s +O - +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": "@s"}}]}}}