source-git / nftables

Clone
Source Code
GIT

Files

  1.   6f013848af0b0c0a1ca704e0ed914e93fb1e8fd9
  2.   tests
  3.   py
  4.   inet
  5.   ip_tcp.t
Blob Blame History Raw 
:input;type filter hook input priority 0
:ingress;type filter hook ingress device lo priority 0

*inet;test-inet;input
*bridge;test-bridge;input
*netdev;test-netdev;ingress

# must not remove ip dependency -- ONLY ipv4 packets should be matched
ip protocol tcp tcp dport 22;ok;ip protocol 6 tcp dport 22

# can remove it here, ip protocol is implied via saddr.
ip protocol tcp ip saddr 1.2.3.4 tcp dport 22;ok;ip saddr 1.2.3.4 tcp dport 22

# but not here.
ip protocol tcp counter ip saddr 1.2.3.4 tcp dport 22;ok;ip protocol 6 counter ip saddr 1.2.3.4 tcp dport 22

# or here.
ip protocol tcp counter tcp dport 22;ok;ip protocol 6 counter tcp dport 22

ether type ip tcp dport 22;ok

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation