nftables and set with interval

From: "Serguei Bezverkhi (sbezverk)" <sbezverk@cisco.com>
To: "netfilter-devel@vger.kernel.org" <netfilter-devel@vger.kernel.org>
Subject: nftables and set with interval
Date: Thu, 8 Aug 2019 11:47:32 +0000	[thread overview]
Message-ID: <554E4490-524C-48D3-834A-F98F3D15D807@cisco.com> (raw)

Hello,

I am developing golang nftables libraryI am debugging nftables set with elements defining intervals. I compare what gets generated by nfl command and strace of my code.

Based on the output of this command:

sudo nft --debug all add rule ipv4table ipv4chain-1  ip daddr { 192.16.0.0/16, 10.16.0.0/16 } return

It seems nft sets up NFTNL_SET_KEY_TYPE  (0x4) as 0x2 and I cannot find anywhere what it means.
{{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x02"}, 

When I decode strace generated for my code, it always gets set to x01
{{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x01"},

I would really appreciate a pointer to where key types are defined and also which flags and or expressions are needed for sets with intervals.

Thank you
Serguei

Full decode below:

{{len=108, type=NFNL_SUBSYS_NFTABLES<<8|NFT_MSG_NEWSET, flags=NLM_F_REQUEST|NLM_F_CREATE, seq=1, pid=0},
{nfgen_family=AF_INET, version=NFNETLINK_V0, res_id=htons(0),
[
{{nla_len=14, nla_type=NFNETLINK_V1}, "\x69\x70\x76\x34\x74\x61\x62\x6c\x65\x00"},

NFTA_SET_NAME                     = 0x2
{{nla_len=12, nla_type=0x2}, "\x5f\x5f\x73\x65\x74\x25\x64\x00"},

NFTA_SET_FLAGS                    = 0x3
{{nla_len=8, nla_type=0x3}, "\x00\x00\x00\x07"},

NFTA_SET_KEY_TYPE                 = 0x4
{{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x07"},

NFTA_SET_KEY_LEN                  = 0x5
{{nla_len=8, nla_type=0x5}, "\x00\x00\x00\x04"},

NFTA_SET_ID                       = 0xa
{{nla_len=8, nla_type=0xa}, "\x00\x00\x00\x02"},

NFTA_SET_DESC                     = 0x9
{{nla_len=12, nla_type=NLA_F_NESTED|0x9}, "\x08\x00\x01\x00\x00\x00\x00\x05"},

NFTA_SET_USERDATA                 = 0xd
{{nla_len=16, nla_type=0xd}, "\x00\x04\x02\x00 \x00\x00\x02\x04 \x01\x00\x00\x00"}
]
}, 

{{len=164, type=NFNL_SUBSYS_NFTABLES<<8|NFT_MSG_NEWSETELEM, flags=NLM_F_REQUEST|NLM_F_CREATE, seq=1, pid=0},
{nfgen_family=AF_INET, version=NFNETLINK_V0, res_id=htons(0),
[

NFTA_SET_NAME                     = 0x2
{{nla_len=12, nla_type=0x2}, "\x5f\x5f\x73\x65\x74\x25\x64\x00"},
 NFTNL_SET_KEY_TYPE              = 0x4                              < ==========================. It is nla type, but I cannot find what type 0x2 means, we always used 0x1
{{nla_len=8, nla_type=0x4}, "\x00\x00\x00\x02"},
{{nla_len=14, nla_type=NFNETLINK_V1}, "\x69\x70\x76\x34\x74\x61\x62\x6c\x65\x00"},
{{nla_len=108, nla_type=NLA_F_NESTED|0x3}, "
\x18\x00\x01\x80\x08\x00\x03\x00\x00\x00\x00\x01\x0c\x00\x01\x80\x08\x00\x01\x00\x00\x00\x00\x00\x10\x00\x02\x80\x0c\x00\x01\x80\x08\x00\x01\x00\x0a\x10\x00\x00\x18\x00\x03\x80\x08\x00\x03\x00\x00\x00\x00\x01\x0c\x00\x01\x80\x08\x00\x01\x00\x0a\x11\x00\x00\x10\x00\x04\x80\x0c\x00\x01\x80\x08\x00\x01\x00\xc0\x10\x00\x00\x18\x00\x05\x80\x08\x00\x03\x00\x00\x00\x00\x01\x0c\x00\x01\x80\x08\x00\x01\x00\xc0\x11\x00\x00"}
]
},