On Wed, Jan 29, 2014 at 02:27:50AM -0500, Brian Allen Vanderburg II wrote: > I use ipset for my setup to simplify certain iptables rules. I have > rules to allow trusted networks and trusted services using two different > sets. The services set is a hash:net,port set, and the network set its > a hash:net,iface set. Is it planned to have sets that can contain > multiple value entries in nftables? Yes, some bits are missing in the kernel, we'll have support for multi-dimensional keys in sets at some point. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
