Any chance of fixing this bug soon:
~# ipset n test hash:net family inet timeout 0
~# ipset a test 10.1.0.0/16
~# ipset t test 10.1.12.12
10.1.12.12 is in set test.
~# ipset t test 10.1.12.0/24
10.1.12.0/24 is NOT in test.
It's a feature which I'm not going to fix in any near future.
It isn't a "feature", it is a bug: 10.1.12.0/24 is within the
10.1.0.0/16 range, so the above test should return true, not false.
Either that, or ip range values should be restricted/excluded from the
"test" command in the ipset userspace binary.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
