On Fri, Apr 08, 2016 at 11:10:47AM +0000, Meyer Raffaele wrote: > Dear Sir or Madam > > I am currently using nftables under Ubuntu 15.10. Kernel version is 4.2.0-16-generic and nftables version is nftables v0.4 (Support Edward Snowden). > I was looking for a way to match packets based on the mss optional value in the tcp header. While using the describe command, I encountered a segfault: > > user@machine:~$ nft describe tcp reserved > Segmentation fault (core dumped) This is already fixed in 0.5 as weel as in the upcoming 0.6 release. # nft describe tcp reserved payload expression, datatype integer (integer), 4 bits > It is not really a bad bug since the reserved keyword is probably > not used anyway but I thought to report it. At the same time I > wanted to ask if it is possible to match packets on wether they have > a MaximumSegmentSize set in the TCP header or not. Several people already asked for TCP options matching already, this is coming soon. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
