On 9/3/22 16:06, Pablo Neira Ayuso wrote:
On Thu, Sep 01, 2022 at 12:31:43PM +0200, Fernando Fernandez Mancera wrote:When listing a set with statements with JSON support, the statements were ignored. Output example: { "set": { "op": "add", "elem": { "payload": { "protocol": "ip", "field": "saddr" } }, "stmt": [ { "limit": { "rate": 10, "burst": 5, "per": "second" } }, { "counter": { "packets": 0, "bytes": 0 } } ], "set": "@my_ssh_meter" } }ip/sets.t: WARNING: line 53: '{"nftables": [{"add": {"rule": {"table": "test-ip4", "chain": "input", "family": "ip", "expr": [{"set": {"set": "@set5", "elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add"}}]}}}]}': '[{"set": {"elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add", "set": "@set5"}}]' mismatches '[{"set": {"elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add", "set": "@set5", "stmt": []}}]' tests/py in nftables reports this warning. I think it should be possible not to print "stmt" if it is empty.
Ugh, I missed it. Yes, it is possible. In addittion, I noticed when generating the JSON output the statements in the list should be stateless. I will send a patch for both problems.
Thank you, Fernando.
Please follow up with an incremental patch to address this. Thanks.
