IHello Patrick El 12/09/14 15:00, Patrick McHardy escribió:
On Fri, Sep 12, 2014 at 02:47:03PM +0200, Alvaro Neira Ayuso wrote:If we try to add a rule like: nft add rule filter input udp length {55-9999} nft shows: BUG: invalid byte order conversion 0 => 2 nft: src/evaluate.c:153: byteorder_conversion_op: Assertion `0' failed. Some of the existing payload fields rely on BYTEORDER_INVALID. Therefore, if we try to convert it in evaluation step, we hit this bug. The packets from the Internet are always in big endian. Therefore, we can create all the payload expressions using big endian byteorder.No, that's not true for MAC addresses and also a bad assumption to make in general.
You are right. I forgot that case. I supposed wrong.
What's wrong with the patch you sent previously? I think this is the correct way to fix it.
Nothing. I'm going to follow the previous way for fixing this bug. Thanks Patrick. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
