git.ipfire.org Git - thirdparty/nftables.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Sun, 7 Jun 2020 13:23:21 +0000 (15:23 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sun, 7 Jun 2020 17:14:47 +0000 (19:14 +0200)
commit	54eb1e16cc4787906fe8206858f0ea0bfb9c1209
tree	1b0aa087c305318565f26f7616a1a24a508178ed	tree \| snapshot
parent	515d3819dd2ce5c9c99ef7c683ddcbb0ada27da8	commit \| diff

evaluate: missing datatype definition in implicit_set_declaration()

set->data from implicit_set_declaration(), otherwise, set_evaluation()
bails out with:

# nft -f /etc/nftables/inet-filter.nft
/etc/nftables/inet-filter.nft:8:32-54: Error: map definition does not specify
mapping data type
                tcp dport vmap { 22 : jump ssh_input }
                               ^^^^^^^^^^^^^^^^^^^^^^^
/etc/nftables/inet-filter.nft:13:26-52: Error: map definition does not specify
mapping data type
                 iif vmap { "eth0" : jump wan_input }
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add a test to cover this case.

Fixes: 7aa08d45031e ("evaluate: Perform set evaluation on implicitly declared (anonymous) sets")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=208093
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

src/evaluate.c		diff \| blob \| blame \| history
tests/shell/testcases/maps/0009vmap_0	[new file with mode: 0755]	blob
tests/shell/testcases/maps/dumps/0009vmap_0	[new file with mode: 0644]	blob