Description
We have created a bridge of two interfaces, eth2 and eth3, through brctl on Ubuntu 18 with Linux kernel 4.19, and tried many kernels.
Module br_netfilter is preloaded and enabled.
Added the ipset through the commands below:
ipset create foo hash:net,iface
ipset add foo 192.168.1.10,physdev:eth2
ipset add foo 192.168.1.10,physdev:eth3
If I create an iptables rule:
iptables -t mangle -I PREROUTING -m set --match-set foo src,src
and send traffic from the 1.10 IP to the eth2 interface, it won't match.
But if I add "ipset add foo 192.168.1.10,br1", it starts matching the rule.
In the source we found that
hash_netiface4_kadt (ip_set_hash_netiface.c) ->opt_cmdflags remains 0 and its value is not set to IPSET_FLAG_PHYSDEV.
If we remove this condition: if (opt->cmdflags & IPSET_FLAG_PHYSDEV)
then it starts working.
Please share your input.
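
The behaviour reported above, as an added user-space model (not code from the ipset project or from the reporter): it shows why a lookup built without the PHYSDEV flag misses the `physdev:eth2` entry yet hits the `br1` entry. The struct layout, function names and `MODEL_FLAG_PHYSDEV` are hypothetical, and it assumes that with br_netfilter the input device seen in PREROUTING is the bridge (br1) while eth2 is the physical ingress port.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model; names and layout are illustrative, not kernel code. */
#define MODEL_FLAG_PHYSDEV 0x1   /* stands in for IPSET_FLAG_PHYSDEV */

struct elem { const char *ip; const char *iface; int physdev; };
struct pkt  { const char *src; const char *indev; const char *physindev; };

/* Build the lookup key as the reported condition implies: only a set
 * PHYSDEV flag selects the bridge port; otherwise the input device is used. */
static struct elem lookup_key(const struct pkt *p, unsigned cmdflags)
{
    struct elem k = { p->src, p->indev, 0 };
    if (cmdflags & MODEL_FLAG_PHYSDEV) {
        k.iface = p->physindev;
        k.physdev = 1;
    }
    return k;
}

/* An element matches only if address, interface name and physdev bit agree. */
static int set_match(const struct elem *set, size_t n,
                     const struct pkt *p, unsigned cmdflags)
{
    struct elem k = lookup_key(p, cmdflags);
    for (size_t i = 0; i < n; i++)
        if (!strcmp(set[i].ip, k.ip) && !strcmp(set[i].iface, k.iface) &&
            set[i].physdev == k.physdev)
            return 1;
    return 0;
}

/* Constructed sample data mirroring the report. */
static const struct elem foo[] = {
    { "192.168.1.10", "eth2", 1 },  /* 192.168.1.10,physdev:eth2 */
    { "192.168.1.10", "eth3", 1 },  /* 192.168.1.10,physdev:eth3 */
    { "192.168.1.10", "br1",  0 },  /* 192.168.1.10,br1 */
};
static const struct pkt frame = { "192.168.1.10", "br1", "eth2" };

int main(void)
{
    printf("flags=0, physdev entries only: %d\n", set_match(foo, 2, &frame, 0));
    printf("flags=0, with br1 entry:       %d\n", set_match(foo, 3, &frame, 0));
    printf("PHYSDEV flag set:              %d\n",
           set_match(foo, 2, &frame, MODEL_FLAG_PHYSDEV));
    return 0;
}
```

In a filtering rule this failure is silent: the rule loads without error and simply never matches, so packet counters from `iptables -t mangle -L PREROUTING -v` are the practical check that a per-port set entry is actually being hit.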