Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipset add error #1054

Open
JamCh01 opened this issue Nov 19, 2022 · 0 comments
Open

ipset add error #1054

JamCh01 opened this issue Nov 19, 2022 · 0 comments

Comments

@JamCh01
Copy link

JamCh01 commented Nov 19, 2022

I try to add a record of type hash:net,port for ICMP, here is my shell code

ipset add aclblacklist 219.144.207.0/24,icmp:echo-request

aclblacklist is

Name: aclblacklist
Type: hash:net,port
Revision: 7
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 832
References: 1
Number of entries: 2
Members:
219.144.207.0/24,icmp:echo-request
117.22.251.0/24,icmp:echo-request

It works well. But I try to use pyroute2.ipset, it gives me a strange answer. Here is my python code

from pyroute2.ipset import IPSet

ipset = IPSet()

ipset.add(
    name="aclblacklist",
    entry=("1.1.1.0/24", "icmp:echo-request"),
    etype="net,port",
)

with error

Traceback (most recent call last):
  File "/root/test.py", line 5, in <module>
    ipset.add(
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/ipset.py", line 502, in add
    return self._add_delete_test(
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/ipset.py", line 441, in _add_delete_test
    return self.request(
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/ipset.py", line 159, in request
    self.nlm_request(
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/nlsocket.py", line 822, in nlm_request
    return tuple(self._genlm_request(*argv, **kwarg))
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/nlsocket.py", line 1124, in nlm_request
    self.put(msg, msg_type, msg_flags, msg_seq=msg_seq)
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/nlsocket.py", line 389, in put
    self.sendto_gate(msg, addr)
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/nlsocket.py", line 1056, in sendto_gate
    msg.encode()
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1245, in encode
    offset = self.encode_nlas(offset)
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1566, in encode_nlas
    nla_instance.encode()
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1245, in encode
    offset = self.encode_nlas(offset)
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1566, in encode_nlas
    nla_instance.encode()
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1242, in encode
    offset, diff = self.ft_encode(offset)
  File "/usr/local/lib/python3.9/dist-packages/pyroute2/netlink/__init__.py", line 1732, in ft_encode
    struct.pack_into(efmt, self.data, offset, value)
struct.error: required argument is not an integer

Here is fixed

from pyroute2.ipset import IPSet, PortRange

ipset = IPSet()

ipset.add(
    name="aclblacklist",
    entry=("1.1.1.0/24", PortRange(begin=1, end=1, protocol=1)),
    etype="net,port",
)
Name: aclblacklist
Type: hash:net,port
Revision: 7
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 896
References: 1
Number of entries: 3
Members:
1.1.1.0/24,icmp:0/1
219.144.207.0/24,icmp:echo-request
117.22.251.0/24,icmp:echo-request
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@JamCh01