Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Fri, Jun 21, 2019 at 06:45:14PM +0200, Florian Westphal wrote:
> > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > > diff --git a/tests/py/inet/ct.t.json.output b/tests/py/inet/ct.t.json.output
> > > index 8b71519e9be7..74c436a3a79e 100644
> > > --- a/tests/py/inet/ct.t.json.output
> > > +++ b/tests/py/inet/ct.t.json.output
> > > @@ -5,7 +5,6 @@
> > > "left": {
> > > "ct": {
> > > "dir": "original",
> > > - "family": "ip",
> > > "key": "saddr"
> >
> > Should that be "ip saddr"?
> > Or is a plain "saddr" without family now implicitly ipv4?
>
> In this patch, the old way (NFT_CT_SRC) still works via dependency:
>
> # meta nfproto ipv4 ct original saddr 1.2.3.4
>
> If someone with kernel < 4.17 needs to match on ct address, it can
> still use it this way.
>
> set, map and concatenations are broken anyway, so I would just expect
> users with simple rules that refer to something like this.
Oh, sorry, I should have checked the .t.json context.
All is good then.
