On Mon, Feb 29, 2016 at 05:50:39PM +0100, Florian Westphal wrote:
> given
>
> table filter {
> set local {
> type iface_index
> elements = { lo }
> }
> chain input {
> type filter hook input priority 0;
> iif { @lan, } accept;
> }
> }
>
> nft BUG()s. I don't see how we could support sets-in-set; add a sanity
> check and error out instead.
>
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Acked-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
