Re: Are there nft set limits?

Xavier B. <somenxavier@xxxxxxxxxx> wrote:
> Hi,
> 
> I have an Artix instance with nftables there. I have several rules (attached file) but mainly I have a set of IP addresses I want to ban:
> 
> table inet my_table {
> 
>    set badips {
>        type ipv4_addr
>        flags interval
>        auto-merge
>        elements = {1.0.147.18 }
>    }
> 
> chain my_input {
>                 ...
>                 ip saddr @badips drop comment "[nftables] Block ban IP"
>                 ...
>         }
> ...
> }
> 
> Until now, when I added a new IP to my badips set, everything was fine, but today it is not:
> 
> # nft add element inet my_table badips { 198.199.104.80 }
> # nft list ruleset | grep 198.199.104.80

automerge is on.  Please try

nft get element inet my_table badips { 198.199.104.80 }
It should give:
198.199.64.0/18

which includes this address.
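
An added example, not part of the original message: a literal grep misses an address that an interval set holds only as part of a larger prefix or range, so this check parses the set listing and reports the covering element. The listing text is a constructed sample and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `nft list set inet my_table badips` output (not real data).
SAMPLE = """\
table inet my_table {
	set badips {
		type ipv4_addr
		flags interval
		auto-merge
		elements = { 1.0.147.18, 10.0.0.5-10.0.0.9,
			     198.199.64.0/18 }
	}
}
"""

def parse_elements(listing):
    """Return (first, last, text) for each element: single address, a-b range or prefix."""
    m = re.search(r"elements\s*=\s*\{([^}]*)\}", listing, re.S)
    if not m:
        return []
    out = []
    for raw in m.group(1).split(","):
        if not raw.strip():
            continue
        tok = raw.split()[0]          # drop trailing options such as "timeout 1h"
        if "/" in tok:
            net = ipaddress.ip_network(tok, strict=False)
            first, last = net[0], net[-1]
        elif "-" in tok:
            lo, hi = tok.split("-", 1)
            first, last = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
        else:
            first = last = ipaddress.ip_address(tok)
        out.append((first, last, tok))
    return out

def covering_element(listing, addr):
    """Return the set element that contains addr, or None if the set does not cover it."""
    ip = ipaddress.ip_address(addr)
    for first, last, text in parse_elements(listing):
        if first.version == ip.version and first <= ip <= last:
            return text
    return None

if __name__ == "__main__":
    for a in ("198.199.104.80", "1.0.147.18", "10.0.0.7", "8.8.8.8"):
        print(a, "in SAMPLE text:", a in SAMPLE, "| covered by:", covering_element(SAMPLE, a))
```
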