aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
diff options
context:
space:
mode:
authorKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>2022-09-20 15:16:37 +0100
committerKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>2022-09-26 18:02:15 +0100
commit582c098c0936b7f2083541017ef88921bf6d281b (patch)
tree0380691463b249e31a08521f61622be6cdeeff8c /package/network
parentdafa6630125ce92967792d177b02c38b8e64e293 (diff)
downloadupstream-582c098c0936b7f2083541017ef88921bf6d281b.tar.gz
upstream-582c098c0936b7f2083541017ef88921bf6d281b.tar.bz2
upstream-582c098c0936b7f2083541017ef88921bf6d281b.zip
nftables: backport fix to interval based rules
'rule inet dscpclassify dscp_match meta l4proto { udp } th dport { 3478 } th sport { 3478-3497, 16384-16387 } goto ct_set_ef' works with 'nft add', but not 'nft insert', the latter yields: "BUG: unhandled op 4". Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Diffstat (limited to 'package/network')
-rw-r--r--package/network/utils/nftables/Makefile2
-rw-r--r--package/network/utils/nftables/patches/0001-fix-nft.patch23
2 files changed, 24 insertions, 1 deletions
diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile
index fd53e3faa1..9691151c7b 100644
--- a/package/network/utils/nftables/Makefile
+++ b/package/network/utils/nftables/Makefile
@@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=nftables
PKG_VERSION:=1.0.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://netfilter.org/projects/$(PKG_NAME)/files
diff --git a/package/network/utils/nftables/patches/0001-fix-nft.patch b/package/network/utils/nftables/patches/0001-fix-nft.patch
new file mode 100644
index 0000000000..2138e254e8
--- /dev/null
+++ b/package/network/utils/nftables/patches/0001-fix-nft.patch
@@ -0,0 +1,23 @@
+'rule inet dscpclassify dscp_match meta l4proto { udp } th dport { 3478 } th sport { 3478-3497, 16384-16387 } goto ct_set_ef'
+works with 'nft add', but not 'nft insert', the latter yields: "BUG: unhandled op 4".
+
+Fixes: 81e36530fcac ("src: replace interval segment tree overlap and automerge")
+Signed-off-by: Florian Westphal <fw@strlen.de>
+---
+ src/evaluate.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/evaluate.c b/src/evaluate.c
+index d9c9ca28a53a..edebd7bcd8ab 100644
+--- a/src/evaluate.c
++++ b/src/evaluate.c
+@@ -1520,6 +1520,7 @@ static int interval_set_eval(struct eval_ctx *ctx, struct set *set,
+ switch (ctx->cmd->op) {
+ case CMD_CREATE:
+ case CMD_ADD:
++ case CMD_INSERT:
+ if (set->automerge) {
+ ret = set_automerge(ctx->msgs, ctx->cmd, set, init,
+ ctx->nft->debug_mask);
+--
+2.35.1