| Message ID | 1421069406-10276-1-git-send-email-kaber@trash.net |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
diff --git a/src/evaluate.c b/src/evaluate.c index d24d4cc..651465a 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -738,7 +738,8 @@ static int expr_evaluate_map(struct eval_ctx *ctx, struct expr **expr) case EXPR_SYMBOL: if (expr_evaluate(ctx, &map->mappings) < 0) return -1; - if (map->mappings->ops->type != EXPR_SET_REF) + if (map->mappings->ops->type != EXPR_SET_REF || + !(map->mappings->set->flags & NFT_SET_MAP)) return expr_error(ctx->msgs, map->mappings, "Expression is not a map"); break;
# nft add set filter test { type ipv4_addr; } # nft filter input ip daddr vmap @test Before: <cmdline>:0:0-32: Error: Could not process rule: Invalid argument filter input ip daddr vmap @test ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ After: <cmdline>:1:28-32: Error: Expression is not a map filter input ip daddr vmap @test ^^^^^ Signed-off-by: Patrick McHardy <kaber@trash.net> --- src/evaluate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)