@@ -3520,7 +3520,7 @@ static int cmd_evaluate_get(struct eval_ctx *ctx, struct cmd *cmd)
return table_not_found(ctx);
set = set_lookup(table, cmd->handle.set.name);
- if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
+ if (set == NULL || set->flags & NFT_SET_MAP)
return set_not_found(ctx, &ctx->cmd->handle.set.location,
ctx->cmd->handle.set.name);
@@ -3587,7 +3587,7 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd)
return table_not_found(ctx);
set = set_lookup(table, cmd->handle.set.name);
- if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
+ if (set == NULL || set->flags & NFT_SET_MAP)
return set_not_found(ctx, &ctx->cmd->handle.set.location,
ctx->cmd->handle.set.name);
@@ -3698,7 +3698,7 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
return table_not_found(ctx);
set = set_lookup(table, cmd->handle.set.name);
- if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
+ if (set == NULL || set->flags & NFT_SET_MAP)
return set_not_found(ctx, &ctx->cmd->handle.set.location,
ctx->cmd->handle.set.name);
new file mode 100755
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# list only the object asked for with table
+
+EXPECTED="table ip filter {
+ set test_set {
+ type ipv4_addr . inet_service . ipv4_addr . inet_service . inet_proto
+ size 100000
+ flags dynamic,timeout
+ }
+}"
+
+set -e
+
+$NFT -f - <<< $EXPECTED
+
+GET="$($NFT list set ip filter test_set)"
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
+
+$NFT flush set ip filter test_set
Before: # nft list set ip filter untracked_unknown Error: No such file or directory; did you mean set ‘untracked_unknown’ in table ip ‘filter’? list set ip filter untracked_unknown ^^^^^^^^^^^^^^^^^ After: # nft list set ip filter untracked_unknown table ip filter { set untracked_unknown { type ipv4_addr . inet_service . ipv4_addr . inet_service . inet_proto size 100000 flags dynamic,timeout } } Add a testcase for this too. Reported-by: Václav Zindulka <vaclav.zindulka@tlapnet.cz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- v2: add testcase. src/evaluate.c | 6 +++--- tests/shell/testcases/listing/0015dynamic_0 | 24 ++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 3 deletions(-) create mode 100755 tests/shell/testcases/listing/0015dynamic_0