* [PATCH nft 1/2] monitor: fix double cache update with --echo
@ 2019-07-01 16:38 Pablo Neira Ayuso
2019-07-01 16:38 ` [PATCH nft 2/2] tests: shell: restore element expiration Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Pablo Neira Ayuso @ 2019-07-01 16:38 UTC (permalink / raw)
To: netfilter-devel; +Cc: nevola, phil
The evaluation step already updates the cache for each command in this
batch. There is no need to update the cache again from the echo path,
otherwise the cache is populated twice with the same object.
Fixes: b99c4d072d99 ("Implement --echo option")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
This fixes a crash when combining -f and -e, the follow up patch
introduces a test for such combination.
src/monitor.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/monitor.c b/src/monitor.c
index a68d960bfd4e..5b25c9d4854e 100644
--- a/src/monitor.c
+++ b/src/monitor.c
@@ -900,7 +900,6 @@ int netlink_echo_callback(const struct nlmsghdr *nlh, void *data)
.ctx = ctx,
.loc = &netlink_location,
.monitor_flags = 0xffffffff,
- .cache_needed = true,
};
if (!nft_output_echo(&echo_monh.ctx->nft->output))
--
2.11.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [PATCH nft 2/2] tests: shell: restore element expiration
2019-07-01 16:38 [PATCH nft 1/2] monitor: fix double cache update with --echo Pablo Neira Ayuso
@ 2019-07-01 16:38 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2019-07-01 16:38 UTC (permalink / raw)
To: netfilter-devel; +Cc: nevola, phil
This patch adds a test for 24f33c710e8c ("src: enable set expiration
date for set elements").
This is also implicitly testing for a cache corruption bug that is fixed
by 9b032cd6477b ("monitor: fix double cache update with --echo").
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
tests/shell/testcases/sets/0036add_set_element_expiration_0 | 13 +++++++++++++
1 file changed, 13 insertions(+)
create mode 100755 tests/shell/testcases/sets/0036add_set_element_expiration_0
diff --git a/tests/shell/testcases/sets/0036add_set_element_expiration_0 b/tests/shell/testcases/sets/0036add_set_element_expiration_0
new file mode 100755
index 000000000000..b9b44b0d1c98
--- /dev/null
+++ b/tests/shell/testcases/sets/0036add_set_element_expiration_0
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+NFT=nft
+
+set -e
+
+RULESET="add table ip x
+add set ip x y { type ipv4_addr; flags dynamic,timeout; }
+add element ip x y { 1.1.1.1 timeout 30s expires 15s }"
+
+test_output=$($NFT -e -f - <<< "$RULESET" 2>&1)
+
+diff_output=$(diff -u <(echo "$test_output") <(echo "$RULESET"))
--
2.11.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-07-01 16:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-01 16:38 [PATCH nft 1/2] monitor: fix double cache update with --echo Pablo Neira Ayuso
2019-07-01 16:38 ` [PATCH nft 2/2] tests: shell: restore element expiration Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).