From 583cd2bdeadf95e8557787d70d08291be8d81852 Mon Sep 17 00:00:00 2001
From: _|+ <57632531+Ignatella@users.noreply.github.com>
Date: Fri, 13 Sep 2024 08:54:50 +0200
Subject: [PATCH] Fix: NFT_DYNSET_F_EXPR not supported for kernels < 5.11-rc3
 (#276)

Note that this will fix support for single expressions on older kernels but multiple expressions on older kernels will remain unsupported as NFT_DYNSET_F_EXPR flag should not be omitted for dynsets with multiple expressions.
---
 expr/dynset.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/expr/dynset.go b/expr/dynset.go
index aa6bc79..0b3d9bf 100644
--- a/expr/dynset.go
+++ b/expr/dynset.go
@@ -77,7 +77,6 @@ func (e *Dynset) marshalData(fam byte) ([]byte, error) {
 
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/dynset.c?id=84d12cfacf8ddd857a09435f3d982ab6250d250c#n170
 	if len(e.Exprs) > 0 {
-		flags |= NFT_DYNSET_F_EXPR
 		switch len(e.Exprs) {
 		case 1:
 			exprData, err := Marshal(fam, e.Exprs[0])
@@ -86,6 +85,7 @@ func (e *Dynset) marshalData(fam byte) ([]byte, error) {
 			}
 			opAttrs = append(opAttrs, netlink.Attribute{Type: unix.NFTA_DYNSET_EXPR, Data: exprData})
 		default:
+			flags |= NFT_DYNSET_F_EXPR
 			var elemAttrs []netlink.Attribute
 			for _, ex := range e.Exprs {
 				exprData, err := Marshal(fam, ex)