* [ISSUE] nftables: !=range doesn't really work
@ 2016-07-24 8:17 Xin Long
2016-07-24 10:58 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Xin Long @ 2016-07-24 8:17 UTC (permalink / raw)
To: netfilter-devel; +Cc: Pablo Neira Ayuso
nftable transform 'x !=a-b' in wrong way:
cmp x < a
cmp x > b
which means x has to be x<a && x>b.
but it should be x<a || x>b.
It seems that the vm system in kernel is too simple and fast
to provide some expr or process for this case, afaics.
does upstream have been preparing some fix for this ?
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ISSUE] nftables: !=range doesn't really work
2016-07-24 8:17 [ISSUE] nftables: !=range doesn't really work Xin Long
@ 2016-07-24 10:58 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2016-07-24 10:58 UTC (permalink / raw)
To: Xin Long; +Cc: netfilter-devel
Hi,
On Sun, Jul 24, 2016 at 04:17:49PM +0800, Xin Long wrote:
> nftable transform 'x !=a-b' in wrong way:
> cmp x < a
> cmp x > b
>
> which means x has to be x<a && x>b.
> but it should be x<a || x>b.
>
> It seems that the vm system in kernel is too simple and fast
> to provide some expr or process for this case, afaics.
>
> does upstream have been preparing some fix for this ?
Will be sending a fix for this asap.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-07-24 10:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-07-24 8:17 [ISSUE] nftables: !=range doesn't really work Xin Long
2016-07-24 10:58 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).