From 801ba07e3279f790ee858c10ee1fadfd0cbe1fd9 Mon Sep 17 00:00:00 2001 From: sbwml Date: Sun, 25 Jun 2023 06:41:25 +0800 Subject: [PATCH] mosdns: fix nftset mask not work --- mosdns/patches/101-fix-nftset-mask.patch | 57 ++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 mosdns/patches/101-fix-nftset-mask.patch diff --git a/mosdns/patches/101-fix-nftset-mask.patch b/mosdns/patches/101-fix-nftset-mask.patch new file mode 100644 index 0000000..f4afce1 --- /dev/null +++ b/mosdns/patches/101-fix-nftset-mask.patch @@ -0,0 +1,57 @@ +From 0cb2257a6cbb63e0717f2324bb7563c32714934f Mon Sep 17 00:00:00 2001 +From: Irine Sistiana <49315432+IrineSistiana@users.noreply.github.com> +Date: Fri, 16 Jun 2023 14:56:30 +0800 +Subject: [PATCH] fix #667 + +--- + pkg/nftset_utils/handler.go | 27 +++++++++++++++------------ + 1 file changed, 15 insertions(+), 12 deletions(-) + +diff --git a/pkg/nftset_utils/handler.go b/pkg/nftset_utils/handler.go +index 7403f390a..3b79afb42 100644 +--- a/pkg/nftset_utils/handler.go ++++ b/pkg/nftset_utils/handler.go +@@ -24,11 +24,12 @@ package nftset_utils + import ( + "errors" + "fmt" +- "github.com/google/nftables" +- "go4.org/netipx" + "net/netip" + "sync" + "time" ++ ++ "github.com/google/nftables" ++ "go4.org/netipx" + ) + + var ( +@@ -113,16 +114,18 @@ func (h *NftSetHandler) AddElems(es ...netip.Prefix) error { + elems = make([]nftables.SetElement, 0, len(es)) + } + +- for _, e := range es { +- if set.Interval && !e.IsSingleIP() { +- r := netipx.RangeOfPrefix(e) +- start := r.From() +- end := r.To() +- elems = append( +- elems, +- nftables.SetElement{Key: start.AsSlice(), IntervalEnd: false}, +- nftables.SetElement{Key: end.Next().AsSlice(), IntervalEnd: true}, +- ) ++ for i, e := range es { ++ if !e.IsValid() { ++ return fmt.Errorf("invalid prefix at index %d", i) ++ } ++ if set.Interval { ++ start := e.Masked().Addr() ++ elems = append(elems, nftables.SetElement{Key: start.AsSlice(), IntervalEnd: false}) ++ ++ end := netipx.PrefixLastIP(e).Next() // may be invalid if end is overflowed ++ if end.IsValid() { ++ elems = append(elems, nftables.SetElement{Key: end.AsSlice(), IntervalEnd: true}) ++ } + } else { + elems = append(elems, nftables.SetElement{Key: e.Addr().AsSlice()}) + }