google/nftables

cannot delete ip range elements from set

Closed this issue · 2 comments

My nft set is like this:
	set custom_list{
		type ipv4_addr
		flags interval,timeout
		counter
		timeout 3d
	} 

I use nft to add a new element to the set. The element is like this:

	nft add element ip filter input custom_list {192.168.143.0/24}

When I try to use the following code to delete an element from this set:

	element := nftables.SetElement{
		Key:    []byte{192, 168, 143, 0},
		KeyEnd: []byte{192, 168, 144, 0},
	}
	deleteElements = append(deleteElements, element)

	err = c.SetDeleteElements(set, deleteElements)
	if err != nil {
		return err
	}
	if err := c.Flush(); err != nil {
		return err
	}

I get the following error:
'conn.Receive: netlink receive: invalid argument'

If I do it without the key end, it works fine, but the element is not deleted completely.

How can I use go nftables to delete the entire element?

Did you figure out the problem? What was it? (For the benefit of other readers running into a similar problem.)

Hi,
it works after changing

	element := nftables.SetElement{
		Key:    []byte{192, 168, 143, 0},
		KeyEnd: []byte{192, 168, 144, 0},
	}
	deleteElements = append(deleteElements, element)

	err = c.SetDeleteElements(set, deleteElements)
	if err != nil {
		return err
	}
	if err := c.Flush(); err != nil {
		return err
	}

to

	err = c.SetDeleteElements(set, []nftables.SetElement{
		{
			// start of the interval
			Key: []byte{192, 168, 143, 0},
		},
		{
			// end of the interval (first address after 192.168.143.0/24)
			Key:         []byte{192, 168, 144, 0},
			IntervalEnd: true,
		},
	})
	if err != nil {
		return err
	}
	if err := c.Flush(); err != nil {
		return err
	}
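
The fix above, generalized from the one /24 to any IPv4 CIDR, as an added example that is not code from this thread or from google/nftables: it derives the start key and the exclusive end key flagged `IntervalEnd`, ready to copy into `nftables.SetElement` values. `intervalElement` and `cidrToInterval` are hypothetical names, and the struct is a local stand-in so the block runs without the library.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net/netip"
)

// intervalElement is a local stand-in (assumption) for the two
// nftables.SetElement fields used in the thread: Key and IntervalEnd.
type intervalElement struct {
	Key         []byte
	IntervalEnd bool
}

// cidrToInterval returns the start element and the exclusive end element
// (IntervalEnd: true) that describe an IPv4 prefix in an interval set.
func cidrToInterval(cidr string) ([]intervalElement, error) {
	p, err := netip.ParsePrefix(cidr)
	if err != nil {
		return nil, err
	}
	if !p.Addr().Is4() {
		return nil, errors.New("only IPv4 prefixes are handled here")
	}
	p = p.Masked() // clear host bits: 192.168.143.7/24 -> 192.168.143.0/24
	start := p.Addr().As4()
	end := uint64(binary.BigEndian.Uint32(start[:])) + uint64(1)<<(32-p.Bits())
	if end > 0xFFFFFFFF {
		// The address after the prefix does not fit in a 4-byte key.
		return nil, errors.New("prefix reaches the top of the address space")
	}
	endKey := make([]byte, 4)
	binary.BigEndian.PutUint32(endKey, uint32(end))
	return []intervalElement{
		{Key: start[:]},
		{Key: endKey, IntervalEnd: true},
	}, nil
}

func main() {
	elems, err := cidrToInterval("192.168.143.0/24")
	fmt.Println(elems, err)
}
```
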