From: Patrick McHardy <kaber@xxxxxxxxx> Commit a109bd34 (netfilter: nf_tables: don't report anonymous sets) broke use of anonymous sets by not reporting the created set name to userspace anymore. Anonymous sets are created using "set%d", the notification is needed so elements can be added to the finally chosen name. set set%d@filter/inet <anonymous,constant> key: type 12 len 4 set set%d@filter/inet element 0x00000002 element 0x00000001 internal:0:0-0: Error: Could not add set elements: Object not found Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> --- net/netfilter/nf_tables_api.c | 3 +-- 1 Datei geändert, 1 Zeile hinzugefügt(+), 2 Zeilen entfernt(-) diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index f701dc0..570b877 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1915,8 +1915,7 @@ static int nf_tables_newset(struct sock *nlsk, struct sk_buff *skb, goto err2; list_add_tail(&set->list, &table->sets); - if (!(set->flags & NFT_SET_ANONYMOUS)) - nf_tables_set_notify(&ctx, set, NFT_MSG_NEWSET); + nf_tables_set_notify(&ctx, set, NFT_MSG_NEWSET); return 0; err2: -- 1.7.11.7 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
