]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 399d117)
rule: don't list anonymous sets
authorArturo Borrero <arturo.borrero.glez@gmail.com>
Mon, 4 Jan 2016 12:18:26 +0000 (13:18 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 5 Jan 2016 11:40:54 +0000 (12:40 +0100)
Don't list anonymous sets when listing all sets.

For example, using this ruleset:

==== 8< ====
table inet test {
set set1 {
type ipv4_addr
}

chain test {
tcp dport { 80 } accept
}
}
==== 8< ====

Before this patch:

% nft list sets
table inet test {
set set0 {
type inet_service
flags constant
}

set set1 {
type ipv4_addr
}
}

After this patch:

% nft list sets
table inet test {
set set1 {
type ipv4_addr
}
}

Fixes: 8f297010 ("rule: `list sets' only displays declaration, not definition")
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/rule.c patch | blob | blame | history

diff --git a/src/rule.c b/src/rule.c
index 5d3cd84124be4b5c876bcbe2276de1b32a98aa04..18ff5920411ea4097f12cc45533d949189b4bb0d 100644 (file)
--- a/src/rule.c
+++ b/src/rule.c
@@ -1020,6 +1020,8 @@ static int do_list_sets(struct netlink_ctx *ctx, struct cmd *cmd)
                       table->handle.table);
 
                list_for_each_entry(set, &table->sets, list) {
+                       if (set->flags & SET_F_ANONYMOUS)
+                               continue;
                        set_print_declaration(set, &opts);
                        printf("%s}%s", opts.tab, opts.nl);
                }
Mirror of git://git.netfilter.org/nftables