Linux Netfilter discussions
* nftables: Specify multiple protocols in one rule
@ 2016-03-03 10:47 Karol Babioch
  0 siblings, 0 replies; only message in thread
From: Karol Babioch @ 2016-03-03 10:47 UTC
  To: netfilter



Hi,

I'm stuck with something that seems very trivial, but won't work for
me. In particular I want to specify a rule to allow DNS traffic (both
UDP and TCP). In its most basic form my rules for that look something
like this:

    oif eth0 udp dport domain accept
    oif eth0 tcp dport domain accept

According to these examples [1], it should also be possible to put udp
and tcp into a set, e.g. something like that:

    oif eth0 {udp,tcp} dport domain accept

However, this does not work and results in a syntax error, complaining
about the "dport" statement. What am I missing here?

Is it possible to simplify the above two rules into one? I have rules like
this all over the place, so it would be a huge win for me.

Thanks!

Best regards,
Karol Babioch

[1]: https://home.regit.org/2014/01/why-you-will-love-nftables/

