Hey Pablo!
On Mon, Jun 17, 2019 at 07:18:39PM +0200, Pablo Neira Ayuso wrote:
> This test invokes the 'replace rule ... handle 2' command. However,
> there are no rules in the kernel, therefore it always fails.
I found the cause for why this stopped working: You forgot to adjust
rule_evaluate(), what you need is something like this:
diff --git a/src/evaluate.c b/src/evaluate.c
index ff0888d0c7842..f17bebe4a5f22 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3295,7 +3295,7 @@ static int rule_evaluate(struct eval_ctx *ctx, struct
rule *rule,
}
/* add rules to cache only if it is complete enough to contain them */
- if (!cache_is_complete(&ctx->nft->cache, CMD_LIST))
+ if (!(ctx->nft->cache.flags & NFT_CACHE_RULE))
return 0;
return rule_cache_update(ctx, op);
Then handle guessing works again. :)
Cheers, Phil
