Special sets like maps and flow tables have their own commands to be
listed and inspected.
Before this patch, "nft list set" was able to display these special sets
content:
# nft list set filter test
table ip filter {
map test {
type ipv4_addr : inet_service
elements = { 192.168.1.101 : http-alt}
}
}
Now an error is shown:
# nft list set filter test
<cmdline>:1:1-20: Error: Could not process rule: Set 'test' does not exist
list set filter test
^^^^^^^^^^^^^^^^^^^^
Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
cmd->handle.table);
- if (set_lookup(table, cmd->handle.set) == NULL)
+ set = set_lookup(table, cmd->handle.set);
+ if (set == NULL || set->flags & (SET_F_MAP | SET_F_EVAL))
return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
cmd->handle.set);
return 0;
projects / thirdparty / nftables.git / commitdiff
