On Wed, Jul 24, 2024 at 09:44:23AM +0200, Pablo Neira Ayuso wrote:
> On Tue, Jul 23, 2024 at 03:30:07PM -0400, Eric Garver wrote:
> > This patch fixes the failures around the index keyword. I see one more
> > issue around set entries.
> >
> > Notably, if the set add and element add are on separate lines (and thus
> > round trips to the kernel) then the issue is not seen. Perhaps there are
> > more instances with other stateful objects.
> >
> > --->8---
> >
> > # cat /tmp/foo
> > add table inet foo
> > add set inet foo bar { type ipv4_addr; flags interval; }; add element inet foo bar { 10.1.1.1/32 }
> > add element inet foo bar { 10.1.1.2/32 }
>
> Thanks for your reproducer.
>
> I have reverted it:
>
> https://git.netfilter.org/nftables/commit/?id=93560d0117639c8685fc287128ab06dec9950fbd
>
> This needs more work and tests.
Thanks Pablo. I'll keep my eyes open for future cache patches.
