On Fri, Jul 05, 2019 at 02:58:47PM +0200, Pablo Neira Ayuso wrote:
> On Fri, Jul 05, 2019 at 02:15:05PM +0200, Phil Sutter wrote:
> > Trying to add a range of size 1 was previously not allowed:
> >
> > | # nft add element ip t s '{ 40-40 }'
> > | Error: Range has zero or negative size
> > | add element ip t s { 40-40 }
> > | ^^^^^
> >
> > The error message is not correct: If a range 40-41 is of size 2 (it
> > contains elements 40 and 41), a range 40-40 must be of size 1.
> >
> > Handling this is even supported already: If a single element is added to
> > an interval set, it is converted into just this range. The implication
> > is that on output, previous input of '40-40' is indistinguishable from
> > single element input '40'.
>
> What kind of human is going to generate such range? :-)
According to the ticket, some scripts do. :)
> I think we can place this item in the "nft ruleset optimization"
> discussion during the NFWS.
Sure, I'll add a note to the proposal.
Thanks, Phil
