When a set contains combined flag values, they are displayed as numeric value since they don't match any of the single flag values: tcp flags { 18, psh, syn} Convert to a series of inclusive-OR binops of the single flag values for improved readability: tcp flags { syn | ack, psh, syn} Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> --- src/netlink.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/netlink.c b/src/netlink.c index bd6aa93..24dda67 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1383,6 +1383,10 @@ static int netlink_delinearize_setelem(struct nft_set_elem *nlse, expr->byteorder == BYTEORDER_HOST_ENDIAN) mpz_switch_byteorder(expr->value, expr->len / BITS_PER_BYTE); + if (expr->dtype->basetype != NULL && + expr->dtype->basetype->type == TYPE_BITMASK) + expr = bitmask_expr_to_binops(expr); + if (flags & NFT_SET_ELEM_INTERVAL_END) { expr->flags |= EXPR_F_INTERVAL_END; } else { -- 2.1.0
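
Review bot: In the added block in netlink_delinearize_setelem(), `expr = bitmask_expr_to_binops(expr);` overwrites the only pointer to the element expression, and the unchanged context right after it sets `expr->flags |= EXPR_F_INTERVAL_END` on whatever comes back. Nothing in the hunk shows whether the helper can return NULL or whether it takes ownership of its argument, so please confirm that it always returns a valid expression and that it frees or reuses the original; otherwise the old value expression leaks for every combined-flag element. The check also tests only `expr->dtype->basetype->type`, so a type whose bitmask ancestor is more than one level up, or whose own type is TYPE_BITMASK, is not converted; a one-line comment saying this is intended would help. The diffstat touches only src/netlink.c, so a listing test for the `{ syn | ack, psh, syn}` case from the commit message would pin the new output.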