diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-24 00:51:48 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-24 21:46:59 +0100 |
commit | b2c11e4b9536ebab6b39929e1fe15f57039ab445 (patch) | |
tree | 1938812d9d30876f127051fb5acba13b76cbb1c8 /net/netfilter/x_tables.c | |
parent | de70185de0333783154863278ac87bfbbc54e384 (diff) |
netfilter: nf_tables: bump set->ndeact on set flush
Add missing set->ndeact update on each deactivated element from the set
flush path. Otherwise, sets with fixed size break after flush since
accounting breaks.
# nft add set x y { type ipv4_addr\; size 2\; }
# nft add element x y { 1.1.1.1 }
# nft add element x y { 1.1.1.2 }
# nft flush set x y
# nft add element x y { 1.1.1.1 }
<cmdline>:1:1-28: Error: Could not process rule: Too many open files in system
Fixes: 8411b6442e59 ("netfilter: nf_tables: support for set flushing")
Reported-by: Elise Lennion <elise.lennion@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/x_tables.c')
0 files changed, 0 insertions, 0 deletions