On Tue, Dec 29, 2015 at 11:54:25PM +0530, Shivani Bhardwaj wrote: > Add translation for module length to nftables. > > Examples: > > $ sudo iptables-translate -A INPUT -p icmp -m length --length 86:0xffff -j DROP > nft add rule ip filter INPUT ip protocol icmp meta length 86-65535 counter drop > > $ sudo iptables-translate -A INPUT -p udp -m length --length :400 > nft add rule ip filter INPUT ip protocol udp meta length 0-400 counter > > $ sudo iptables-translate -A INPUT -p udp -m length --length 40 > nft add rule ip filter INPUT ip protocol udp meta length 40 counter > > $ sudo iptables-translate -A INPUT -p udp -m length ! --length 40 > nft add rule ip filter INPUT ip protocol udp meta length != 40 counter Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
