Comments (7)
Maybe a similar commit to fdd795d might be needed?
Haven’t looked at it, and won’t have time to do so either, so I’ll rely on a PR to fix this.
from nftables.
we can fix this problem by add a judgment at rule.go line 87:
var rules []*Rule
for _, msg := range reply {
r, err := ruleFromMsg(msg)
if err != nil {
return nil, err
}
if r.Table.Name == t.Name && r.Table.Family == t.Family && r.Chain.Name == c.Name {
rules = append(rules, r)
}
}
Apart from this,we need to fix ruleFromMsg
method by add a assignment statement at rule.go line 295:
case unix.NFTA_RULE_TABLE:
r.Table = &Table{Name: ad.String()}
r.Table.Family = TableFamily(msg.Data[0])
this line is aim to return a rule's father table's net family attr, instead of return all 0 back to user, thus we could make a judgment on the protocol cluster of the target table and the obtained tables, at the end of it, we can successfully get the rules for a specific table and a specific chain.
and the other fix will be push to my fork repo github.com/RandolphCYG/nftables
from nftables.
Here is the relevant function https://github.com/greenpau/cni-plugins/blob/dnat/pkg/utils/get_chain_props.go
from nftables.
There is another aspect for this. There is no regards as to IPv4 vs. IPv6 chains ...
The filtering could happen here ...
Lines 81 to 88 in 7127d9d
One other though is that perhaps ruleFromMsg()
needs to be looked into....
from nftables.
There is no "default" handling of various "AttributeDecoder" types.
Lines 288 to 306 in 7127d9d
from nftables.
Can you send your change as a pull request as well? Or is there any reason why it couldn’t be upstreamed? :)
from nftables.
Can you send your change as a pull request as well? Or is there any reason why it couldn’t be upstreamed? :)
hey, here comes my first pull request, could you help me check it ?
from nftables.
Related Issues (20)
- How to add mac address (like ether saddr 8c:1c:da:42:5d:77) HOT 5
- how to set flowtable offload HOT 2
- How to add the anonymous set of hours ? HOT 2
- How to reject packets? HOT 3
- Anonymous time collection problem HOT 10
- Please consider create a release/tag HOT 1
- Alignment issues on 32-bit archs: TestAlignedBuff32 & TestAlignedBuffInt32 failures HOT 9
- Test failures on s390x: endianness problems? HOT 11
- Reason for not wrapping libnftnl/libmnl. HOT 1
- GetRules lost expr.Masq HOT 1
- nftables go dynset implementation will not work with libnftnl versions <1.1.9 HOT 1
- High
- Feature: add support for monitor HOT 6
- AddSet IPv4 wrong byte order on Ubuntu 22.04 HOT 8
- Rule Handle not updated after InsertRule even using Flush. HOT 4
- Not all response messages are received causing the receive buffer to overflow HOT 8
- Named quotas and their usage in map HOT 1
- BUG: block in Conn.Flush() HOT 4
- How to get an error when try to add an existed table?
- Adding rules in code produces different results and logs than the rules I added directly from the command line HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nftables.