From 12fd98893d190df9581d04155fa9207d2adb5573 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Wed, 15 Sep 2021 14:12:37 -0400
Subject: [PATCH 40/50] fix(nftables): rich: source address with netmask

Fixes: rhbz1917766
(cherry picked from commit 3809fef17dc779052a3f050041fe90e3599f35be)
(cherry picked from commit 32d5eb8d94a2b39a4dda10fec351ad6fbab7d486)
---
 src/firewall/core/nftables.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/firewall/core/nftables.py b/src/firewall/core/nftables.py
index 29a9a2492032..059cd8869dbb 100644
--- a/src/firewall/core/nftables.py
+++ b/src/firewall/core/nftables.py
@@ -22,6 +22,7 @@ from __future__ import absolute_import
 
 import copy
 import json
+import ipaddress
 
 from firewall.core.logger import log
 from firewall.functions import check_mac, getPortRange, normalizeIP6, \
@@ -1213,8 +1214,8 @@ class nftables(object):
                 family = "ip"
             elif check_address("ipv4", address):
                 family = "ip"
-                addr_len = address.split("/")
-                address = {"prefix": {"addr": addr_len[0], "len": int(addr_len[1])}}
+                normalized_address = ipaddress.IPv4Network(address, strict=False)
+                address = {"prefix": {"addr": normalized_address.network_address.compressed, "len": normalized_address.prefixlen}}
             elif check_single_address("ipv6", address):
                 family = "ip6"
                 address = normalizeIP6(address)
-- 
2.27.0