On 3 July 2014 02:55, Jonathan Johnson <ecybernard@xxxxxxxxx> wrote:
> after:
> nft add rule blackhole chain1 ip saddr @set1 counter accept
>
> result:
>
> nft[23409]: segfault at 7f8f5b809bbe ip 00007f8e9fe71f4e sp
> 00007fff6829d178 error 4 in libc-2.18.so[7f8e9fde2000+1a5000]
>
> after that I proceeded to populate the list and got additional errors.
> I used:
> for i in `cat all3.txt`;do nft add element blackhole set1 { $i };done
>
> To start loading in my 30,000+ enteries.
>
> nft: src/netlink.c:205: alloc_nft_setelem: Assertion `expr->ops->type
> == EXPR_MAPPING' failed.
> Aborted
>
> Eventually, after a few hundred it completes. Does nft support cidr
> (1.1.1.0/24) notation?
>
> So I guess the segmentation fault is my last problem.
>
Ok, let's trace the problem. Maybe you are hitting a bug :)
1) Please, send the version of the kernel, nftables, libnftnl, libmnl
and the name of your distro.
2) Please, rerun the command with valgrind, and send here the result.
# valgrind nft add rle blackhole chain1 ip saddr @set1 counter accept
3) I note now that I named 'blackhole' the table, while in your
original mail, you named 'blackhole' the set. Please, check that.
Please, give us a bit of more info so we can be more helpful.
Thanks, regards.
--
Arturo Borrero González
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
