nftables: backport fix to interval based rules

[openwrt/openwrt.git] / package / network / utils / nftables / patches / 0001-fix-nft.patch

diff --git a/package/network/utils/nftables/patches/0001-fix-nft.patch b/package/network/utils/nftables/patches/0001-fix-nft.patch
new file mode 100644 (file)
index 0000000..2138e25
--- /dev/null
+++ b/package/network/utils/nftables/patches/0001-fix-nft.patch
@@ -0,0 +1,23 @@
+'rule inet dscpclassify dscp_match  meta l4proto { udp }  th dport { 3478 }  th sport { 3478-3497, 16384-16387 } goto ct_set_ef'
+works with 'nft add', but not 'nft insert', the latter yields: "BUG: unhandled op 4".
+
+Fixes: 81e36530fcac ("src: replace interval segment tree overlap and automerge")
+Signed-off-by: Florian Westphal <fw@strlen.de>
+---
+ src/evaluate.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/evaluate.c b/src/evaluate.c
+index d9c9ca28a53a..edebd7bcd8ab 100644
+--- a/src/evaluate.c
++++ b/src/evaluate.c
+@@ -1520,6 +1520,7 @@ static int interval_set_eval(struct eval_ctx *ctx, struct set *set,
+       switch (ctx->cmd->op) {
+       case CMD_CREATE:
+       case CMD_ADD:
++      case CMD_INSERT:
+               if (set->automerge) {
+                       ret = set_automerge(ctx->msgs, ctx->cmd, set, init,
+                                           ctx->nft->debug_mask);
+-- 
+2.35.1