Re: [PATCH nft] evaluate: disable ct set with ranges

Florian Westphal <fw@xxxxxxxxx> wrote:
> ... this will cause an assertion in netlink linearization, catch this
> at eval stage instead.
> 
> before:
> BUG: unknown expression type range
> nft: netlink_linearize.c:908: netlink_gen_expr: Assertion `0' failed.
> 
> after:
> /unknown_expr_type_range_assert:3:31-40: Error: ct expression cannot be a range
> ct mark set 0x001-3434
>             ^^^^^^^^^^

This isn't enough, we have a truckload of bugs like this.

e.g. 'tproxy to 1.1.1.10/0'. This passes the EXPR_RANGE check,
but we still hit the assertion because the prefix is translated to a range
later on.

dup and fwd also have this issue, probably a lot more.



