Hello, I cross compiled nftables (kernel diffs merged into 2.6.35.4, nftables userspace package and the modified libnl) for powerpc using crosstool-ng toolchain and buildroot framework. I can see the kernel modules load and the nft program runs but I can't get past syntax errors. I think the example rules and user doc must all be out of date. Is anyone actively working on this project? Is there any updated user doc with some good examples of setting up a bridge firewall say equivalent to the below (done using ebtables)? ebtables -I INPUT -i eth1 -p ip4 --ip-pro udp --ip-sport 67 --ip-dport 68 -j DROP ebtables -I OUTPUT -o eth1 -p ip4 --ip-pro udp --ip-sport 68 --ip-dport 67 -j DROP ebtables -I FORWARD -i eth1 -p ip4 --ip-pro udp --ip-sport 67 --ip-dport 68 -j DROP ebtables -I FORWARD -o eth1 -p ip4 --ip-pro udp --ip-sport 68 --ip-dport 67 -j DROP Any pointers would be helpful. I want to duplicate something I've done using ebtables and then run high volume small packet UDP traffic through the bridge using iperf to compare performance overhead hits between nftables and ebtables as they skip past rules not used by the high volume traffic. Regards, Darcy -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
