From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH v2 0/3] evaluate: Fix for 'meta hour' ranges spanning date boundaries
Date: Tue, 29 Jul 2025 18:18:29 +0200 [thread overview]
Message-ID: <20250729161832.6450-1-phil@nwl.cc> (raw)
Kernel's timezone is UTC, so 'meta hour' returns seconds since UTC start
of day. To mach against this, user space has to convert the RHS value
given in local timezone into UTC. With ranges (e.g. 9:00-17:00),
depending on the local timezone, these may span midnight in UTC (e.g.
23:00-7:00) and thus need to be converted into a proper range again
(e.g. 7:00-23:00, inverted). Since nftables commit 347039f64509e ("src:
add symbol range expression to further compact intervals"), this
conversion was broken.
Changes since v1:
- Apply the parser changes of commit 347039f64509e to JSON parser as
well (new patches 1 and 2)
- Misc fixes in patch 3
Phil Sutter (3):
expression: Introduce is_symbol_value_expr() macro
parser_json: Parse into symbol range expression if possible
evaluate: Fix for 'meta hour' ranges spanning date boundaries
doc/primary-expression.txt | 3 +-
include/expression.h | 2 +
src/evaluate.c | 25 +++-
src/parser_bison.y | 6 +-
src/parser_json.c | 12 +-
tests/py/any/meta.t | 9 ++
tests/py/any/meta.t.json | 182 ++++++++++++++++++++++++
tests/py/any/meta.t.json.output | 18 +++
tests/py/any/meta.t.payload | 51 +++++++
tests/shell/testcases/listing/meta_time | 11 ++
10 files changed, 306 insertions(+), 13 deletions(-)
--
2.49.0
next reply other threads:[~2025-07-29 16:18 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-29 16:18 Phil Sutter [this message]
2025-07-29 16:18 ` [nft PATCH v2 1/3] expression: Introduce is_symbol_value_expr() macro Phil Sutter
2025-07-29 16:18 ` [nft PATCH v2 2/3] parser_json: Parse into symbol range expression if possible Phil Sutter
2025-07-29 16:18 ` [nft PATCH v2 3/3] evaluate: Fix for 'meta hour' ranges spanning date boundaries Phil Sutter
2025-07-30 17:26 ` Pablo Neira Ayuso
2025-07-30 16:38 ` [nft PATCH v2 0/3] " Pablo Neira Ayuso
2025-07-30 17:27 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250729161832.6450-1-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).