# nft add table test # nft add set test myset { type ipv4_addr\; flags interval\; } # nft add element test myset { 1.2.3.0/24 } Then the listing shows: set myset2 { type ipv4_addr flags interval elements = { 1.2.3.0/24} } This patch relies on the table and set caches. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=994 Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- src/rule.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/rule.c b/src/rule.c index bc9042f..8c9e8e8 100644 --- a/src/rule.c +++ b/src/rule.c @@ -769,10 +769,26 @@ static int do_add_chain(struct netlink_ctx *ctx, const struct handle *h, } static int do_add_setelems(struct netlink_ctx *ctx, const struct handle *h, - const struct expr *expr) + struct expr *expr) { + struct table *table; + struct set *set; + + table = table_lookup(h); + if (table == NULL) + return -1; + + set = set_lookup(table, h->set); + if (set == NULL) + return -1; + + if (set->flags & SET_F_INTERVAL && + set_to_intervals(ctx->msgs, set, expr) < 0) + return -1; + if (netlink_add_setelems(ctx, h, expr) < 0) return -1; + return 0; } -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html