[PATCH nft] Revert "intervals: do not merge intervals with different timeout"

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
@ 2025-04-17 12:15 Pablo Neira Ayuso
  2025-04-17 13:41 ` Florian Westphal
  0 siblings, 1 reply; 3+ messages in thread
From: Pablo Neira Ayuso @ 2025-04-17 12:15 UTC (permalink / raw)
  To: netfilter-devel; +Cc: linux

This reverts commit da0bac050c8b2588242727f9915a1ea8bc48ceb2.

This results in an error when adding an interval that overlaps an
existing interval in the kernel, this defeats the purpose of the
auto-merge feature.

Reported-by: Slavko <linux@slavino.sk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/intervals.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/intervals.c b/src/intervals.c
index 1ab443bcde87..bf125a0c59d3 100644
--- a/src/intervals.c
+++ b/src/intervals.c
@@ -162,8 +162,6 @@ static void set_prev_elem(struct expr **prev, struct expr *i,
 	mpz_set(prev_range->high, range->high);
 }
 
-static struct expr *interval_expr_key(struct expr *i);
-
 static void setelem_automerge(struct set_automerge_ctx *ctx)
 {
 	struct expr *i, *next, *prev = NULL;
@@ -183,9 +181,7 @@ static void setelem_automerge(struct set_automerge_ctx *ctx)
 		range_expr_value_low(range.low, i);
 		range_expr_value_high(range.high, i);
 
-		if (!prev ||
-		    interval_expr_key(prev)->timeout != interval_expr_key(i)->timeout ||
-		    interval_expr_key(prev)->expiration != interval_expr_key(i)->expiration) {
+		if (!prev) {
 			set_prev_elem(&prev, i, &prev_range, &range);
 			continue;
 		}
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
  2025-04-17 12:15 [PATCH nft] Revert "intervals: do not merge intervals with different timeout" Pablo Neira Ayuso
@ 2025-04-17 13:41 ` Florian Westphal
  2025-04-17 15:21   ` Pablo Neira Ayuso
  0 siblings, 1 reply; 3+ messages in thread
From: Florian Westphal @ 2025-04-17 13:41 UTC (permalink / raw)
  To: Pablo Neira Ayuso; +Cc: netfilter-devel, linux

Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> This reverts commit da0bac050c8b2588242727f9915a1ea8bc48ceb2.
> 
> This results in an error when adding an interval that overlaps an
> existing interval in the kernel, this defeats the purpose of the
> auto-merge feature.

Do we need a new nft release?  I'd like to avoid people
relying on the 'just reverted' behaviour.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
  2025-04-17 13:41 ` Florian Westphal
@ 2025-04-17 15:21   ` Pablo Neira Ayuso
  0 siblings, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2025-04-17 15:21 UTC (permalink / raw)
  To: Florian Westphal; +Cc: netfilter-devel, linux

On Thu, Apr 17, 2025 at 03:41:46PM +0200, Florian Westphal wrote:
> Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> > This reverts commit da0bac050c8b2588242727f9915a1ea8bc48ceb2.
> > 
> > This results in an error when adding an interval that overlaps an
> > existing interval in the kernel, this defeats the purpose of the
> > auto-merge feature.
> 
> Do we need a new nft release?  I'd like to avoid people
> relying on the 'just reverted' behaviour.

That's possible, yes.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-04-17 15:21 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-04-17 12:15 [PATCH nft] Revert "intervals: do not merge intervals with different timeout" Pablo Neira Ayuso
2025-04-17 13:41 ` Florian Westphal
2025-04-17 15:21   ` Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.