Hello Laura,
As I mentioned the code uses golang, to interact with netlink I use golang library for netlink and another golang library for expressions primitives.
Basically it works for good number of expressions, but when I get to more complex things like sets with intervals, I hit problem when set does not get created, the strange thing is netlink does not return any errors on set create either.
Here is how I create set with intervals:
c.AddSet(&nftables.Set{
Table: t,
ID: uint32(5),
Name: "interval-set",
Anonymous: false,
Constant: true,
Interval: true,
KeyType: nftables.TypeIPAddr, // 0x7
DataLen: 4,
}, []nftables.SetElement{
{Key: []byte{0, 0, 0, 0}, Val: []byte{1}},
{Key: []byte{10, 16, 0, 0}, Val: []byte{0}},
{Key: []byte{10, 17, 0, 0}, Val: []byte{1}},
{Key: []byte{192, 16, 0, 0}, Val: []byte{0}},
{Key: []byte{182, 17, 0, 0}, Val: []byte{1}},
})
Am I missing anything from Flags or attributes perspective?
Thank you for your help
Serguei
On 2019-08-08, 9:19 AM, "Laura Garcia" <nevola@xxxxxxxxx> wrote:
On Thu, Aug 8, 2019 at 1:56 PM Serguei Bezverkhi (sbezverk)
<sbezverk@xxxxxxxxx> wrote:
>
> Hello,
>
> I am developing golang nftables libraryI am debugging nftables set with elements defining intervals. I compare what gets generated by nfl command and strace of my code.
>
> Based on the output of this command:
>
> sudo nft --debug all add rule ipv4table ipv4chain-1 ip daddr { 192.16.0.0/16, 10.16.0.0/16 } return
>
> It seems nft sets up NFTNL_SET_KEY_TYPE (0x4) as 0x2 and I cannot find anywhere what it means.
> {{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x02"},
>
> When I decode strace generated for my code, it always gets set to x01
> {{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x01"},
>
Hi, are you interacting directly with netlink?
Did you consider using the higher level library libnftables instead?
Cheers.
