npf in -current amd64 (7 Mar 2018) now cannot use a "ruleset" multiple times

To: current-users%netbsd.org@localhost
Subject: npf in -current amd64 (7 Mar 2018) now cannot use a "ruleset" multiple times
From: Geoff Wing <gcw%pobox.com@localhost>
Date: Wed, 7 Mar 2018 15:46:02 +1100

Hi,
npf previously had no issues using a "ruleset" in multiple groups, however
it now has a problem and fails with

	npfctl: (re)load failed: some table has a duplicate entry?

The following is a minimal npf.conf to illustrate with it failing due to
the second ``ruleset "blacklistd"'' causing the issue:
-----
	$if1_if = inet4(vmx0)
	$if2_if = inet4(vmx1)

	alg "icmp"

	group "foo" on $if1_if {
		ruleset "blacklistd"
	}
	group "bar" on $if2_if {
		ruleset "blacklistd"
	}

	group default {
		pass final on lo0 all
		block all
	}
-----

I haven't investigated further yet.  Ring any bells with anyone?

System is amd64 -current.

Regards,
Geoff

Follow-Ups:
- Re: npf in -current amd64 (7 Mar 2018) now cannot use a "ruleset" multiple times
  - From: Frank Kardel

Prev by Date: daily CVS update output
Next by Date: Re: netbsd-8 hang on tstile
Previous by Thread: netbsd-8 hang on tstile
Next by Thread: Re: npf in -current amd64 (7 Mar 2018) now cannot use a "ruleset" multiple times
Indexes:

Home | Main Index | Thread Index | Old Index