Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mimic ipset C code for determining correct default ipset revision for hash:ip{port,net,etc} #1031

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Mimic ipset C code for determining correct default ipset revision for hash:ip{port,net,etc} #1031

wants to merge 1 commit into from

Conversation

bleggett
Copy link

@bleggett bleggett commented Nov 18, 2024
edited
Loading

Fixes #1030

It takes both desired features AND set type into account when determining the "correct" default revision, which is how it actually works in the ipset userspace binary.

e.g.

hash:ip,port,net

  • with comment support? Revision 5.
  • with counter support? Revision 4.

etc etc.

A more exhaustive mapping would be ideal, but this PR only does default revision mappings for the ipset types that previously had revision defaulting logic, and not all possible ipset types globally.

@bleggett bleggett force-pushed the bleggett/correctly-derive-ipset-revision branch 3 times, most recently from 437fb9b to d1562a9 Compare November 18, 2024 23:00
@bleggett bleggett force-pushed the bleggett/correctly-derive-ipset-revision branch from d1562a9 to bf21466 Compare November 18, 2024 23:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ipset revision usage is inconsistent with ipset binary from netfilter
1 participant
@bleggett