commit
3f776e8b37d8022d4492ed8be136e99f5a88ab9e upstream.
f8f32deda31d ("meta: Introduce new conditions 'time', 'day' and 'hour'")
reverses a cross-day range expressed as "22:00"-"02:00" UTC time into
!= "02:00"-"22:00" so meta hour ranges works.
Listing is however confusing, hence,
44d144cd593e ("netlink_delinearize:
reverse cross-day meta hour range") introduces code to reverse a cross-day.
However, it also adds code to reverse a range in == to-from form
(assuming OP_IMPLICIT) which is never exercised from the listing path
because the range expression is not currently used, instead two
instructions (cmp gte and cmp lte) are used to represent the range.
Remove this branch otherwise a reversed notation will be used to display
meta hour ranges once the range instruction is to represent this.
Add test for cross-day scenario in EADT timezone.
Fixes: 44d144cd593e ("netlink_delinearize: reverse cross-day meta hour range")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* is a cross-day range.
*/
if (mpz_cmp(range->left->value,
- range->right->value) <= 0) {
- if (expr->op == OP_NEQ) {
- range_expr_swap_values(range);
- expr->op = OP_IMPLICIT;
- } else if (expr->op == OP_IMPLICIT) {
- range_expr_swap_values(range);
- expr->op = OP_NEG;
- }
+ range->right->value) <= 0 &&
+ expr->op == OP_NEQ) {
+ range_expr_swap_values(range);
+ expr->op = OP_IMPLICIT;
}
}
/* fallthrough */
check_decode UTC-1
+$NFT flush chain t c
TZ=EADT $NFT add rule t c meta hour "03:00"-"14:00"
TZ=EADT $NFT add rule t c meta hour "04:00"-"15:00"
TZ=EADT $NFT add rule t c meta hour "05:00"-"16:00"
TZ=EADT $NFT add rule t c meta hour "06:00"-"17:00"
+
+printf "\t\tmeta hour \"%02d:%02d\"-\"%02d:%02d\"\n" 3 0 14 0 > "$TMP1"
+printf "\t\tmeta hour \"%02d:%02d\"-\"%02d:%02d\"\n" 4 0 15 0 >> "$TMP1"
+printf "\t\tmeta hour \"%02d:%02d\"-\"%02d:%02d\"\n" 5 0 16 0 >> "$TMP1"
+printf "\t\tmeta hour \"%02d:%02d\"-\"%02d:%02d\"\n" 6 0 17 0 >> "$TMP1"
+
+check_decode EADT
projects / thirdparty / nftables.git / commitdiff
