incus: 6.11.0 -> 6.12.0 (#401854)

diff --git a/internal/server/firewall/drivers/drivers_consts.go b/internal/server/firewall/drivers/drivers_consts.go

index 2790e07a605..944bca5930e 100644

--- a/internal/server/firewall/drivers/drivers_consts.go

+++ b/internal/server/firewall/drivers/drivers_consts.go

@@ -1,8 +1,6 @@

 package drivers

 import (

-	"encoding/json"

-	"fmt"

 	"net"

 )

@@ -67,62 +65,12 @@ type NftListSetsOutput struct {

 // NftListSetsEntry structure to read JSON output of nft set listing.

 type NftListSetsEntry struct {

-	Metainfo *NftMetainfo `json:"metainfo,omitempty"`

-	Set      *NftSet      `json:"set,omitempty"`

-}

-

-// NftMetainfo structure representing metainformation returned by nft.

-type NftMetainfo struct {

-	Version           string `json:"version"`

-	ReleaseName       string `json:"release_name"`

-	JSONSchemaVersion int    `json:"json_schema_version"`

+	Set *NftSet `json:"set,omitempty"`

 }

 // NftSet structure to parse the JSON of a set returned by nft -j list sets.

 type NftSet struct {

-	Family string    `json:"family"`

-	Name   string    `json:"name"`

-	Table  string    `json:"table"`

-	Type   string    `json:"type"`

-	Handle int       `json:"handle"`

-	Flags  []string  `json:"flags"`

-	Elem   ElemField `json:"elem"`

-}

-

-// ElemField supports both string elements (IP, MAC) and dictionary-based CIDR elements.

-// In order to parse it correctly a custom unsmarshalling is defined in drivers_nftables.go .

-type ElemField struct {

-	Addresses []string // Stores plain addresses and CIDR notations as strings.

-}

-

-// UnmarshalJSON handles both plain strings and CIDR dictionaries inside `elem`.

-func (e *ElemField) UnmarshalJSON(data []byte) error {

-	var rawElems []any

-	err := json.Unmarshal(data, &rawElems)

-	if err != nil {

-		return err

-	}

-

-	for _, elem := range rawElems {

-		switch v := elem.(type) {

-		case string:

-			// Plain address (IPv4, IPv6, or MAC).

-			e.Addresses = append(e.Addresses, v)

-		case map[string]any:

-			// CIDR notation (prefix dictionary).

-			prefix, ok := v["prefix"].(map[string]any)

-			if ok {

-				addr, addrOk := prefix["addr"].(string)

-				lenFloat, lenOk := prefix["len"].(float64) // JSON numbers are float64 by default.

-				if addrOk && lenOk {

-					e.Addresses = append(e.Addresses, fmt.Sprintf("%s/%d", addr, int(lenFloat)))

-				}

-			}

-

-		default:

-			return fmt.Errorf("Unsupported element type in NFTables set: %v", elem)

-		}

-	}

-

-	return nil

+	Family string `json:"family"`

+	Name   string `json:"name"`

+	Table  string `json:"table"`

 }

diff --git a/internal/server/firewall/drivers/drivers_nftables.go b/internal/server/firewall/drivers/drivers_nftables.go

index fd9be2e2fbb..f803de9dff5 100644

--- a/internal/server/firewall/drivers/drivers_nftables.go

+++ b/internal/server/firewall/drivers/drivers_nftables.go

@@ -387,7 +387,7 @@ func (d Nftables) NetworkClear(networkName string, _ bool, _ []uint) error {

 		return fmt.Errorf("Failed clearing nftables rules for network %q: %w", networkName, err)

 	}

-	err = d.RemoveIncusAddressSets("inet")

+	err = d.RemoveIncusAddressSets("bridge")

 	if err != nil {

 		return fmt.Errorf("Error in deletion of address sets: %w", err)

 	}

import ./generic.nix {

  hash = "sha256-S6PTtgP4MFV+kiEgV8PBvek1SrVjLaCR9OJy/6jqJGE=";

  version = "6.11.0";

  vendorHash = "sha256-wKL+woCMjGJwCBG/JBhFbY4uc97/5K7OWPZRp0J+5DQ=";

  patches = [ ];

  hash = "sha256-hgZc30SRnmALTvuD32dNuO0r4pfpXXvN4CtJqn2fGuk=";

  version = "6.12.0";

  vendorHash = "sha256-/GwJG6kmjbiUUh0AWQ+IUbeK1kRcuWrwmNdTzH5LT38=";

  patches = [

    # fix nft, remove 6.13

    ./1995.diff

  ];

  nixUpdateExtraArgs = [

    "--override-filename=pkgs/by-name/in/incus/package.nix"

  ];