Re: nftables: Strange Error When Adding Element to Named Set


 



Hi Mike,

On Tue, 2 Jun 2020 06:28:31 -0700
Mike Dillinger <miked@xxxxxxxxxxxxxx> wrote:

> > *From:* Mike Dillinger [mailto:miked@xxxxxxxxxxxxxx]
> > *To:* Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> > *Cc:* netfilter@xxxxxxxxxxxxxxx, sbrivio@xxxxxxxxxx
> > *Date:* Monday, June 1, 2020, 9:07 AM PDT
> > *Subject:* nftables: Strange Error When Adding Element to Named Set
> >
> > Yes, I have found a way to reproduce it.
> >
> > Add the set:
> > nft add set ip filter blacklist4-ip-1m {type ipv4_addr\; flags
> > interval,timeout \; timeout 1m \; gc-interval 1m\;}
> >
> > We're not concerned about the IPs that are added to the set
> > because there are no rules covering what to do with the set
> > contents.
> >
> > I wrote a bash script called nftables-bug-repro:
> > #!/bin/bash
> > nft list set ip filter blacklist4-ip-1m
> > for ((i=1;i<=10;i++)); do
> >     nft add element filter blacklist4-ip-1m {$i.$i.$i.$i}
> >     sleep 1
> > done
> > nft list set ip filter blacklist4-ip-1m  
> 
> Hi Pablo, Stefan, et al,
> 
> I wanted to check and see if anyone was able to reproduce the issue.
> If not, I'd like to figure out what's unique about my setup so I can
> resolve the issue on my end.

I haven't tried yet. I plan to check later today, I'll let you know. I
don't think there's anything unique about your setup.

-- 
Stefano




