Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipset revision usage is inconsistent with ipset binary from netfilter #1030

Open
bleggett opened this issue Nov 18, 2024 · 2 comments · May be fixed by #1031
Open

ipset revision usage is inconsistent with ipset binary from netfilter #1030

bleggett opened this issue Nov 18, 2024 · 2 comments · May be fixed by #1031

Comments

@bleggett
Copy link

bleggett commented Nov 18, 2024
edited
Loading

Example:

For hash:ip,port, this library defaults to revision=1: https://github.com/vishvananda/netlink/blob/main/ipset_linux.go#L398.

But the ipset binary code comments indicate we should be using at least revision=3 here (since this library supports using comments with that set type) https://github.com/Olipro/ipset/blob/9f145b49100104d6570fe5c31a5236816ebb4f8f/kernel/net/netfilter/ipset/ip_set_hash_ipport.c#L30

For hash:ip, this library defaults to revision=0. But the ipset binary code comments indicate we should be using at least revision=2 here (since this library supports using comments with this set type as well): https://github.com/Olipro/ipset/blob/9f145b49100104d6570fe5c31a5236816ebb4f8f/kernel/net/netfilter/ipset/ip_set_hash_ip.c#L28

In general, we should probably track the set-level revisions that the ipset binary does.
@bleggett bleggett mentioned this issue Nov 18, 2024
Merged
@aboch
Copy link
Collaborator

aboch commented Nov 18, 2024

Thanks @bleggett
Please push a PR

@bleggett bleggett linked a pull request Nov 18, 2024 that will close this issue
Open
@bleggett
Copy link
Author

Thanks @bleggett Please push a PR

Done, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@bleggett @aboch