Fabian Franz <s1410239008@xxxxxxxxxxxxxxxxxxxxxxxx> wrote: > yes it is academic and what I want to do is user id matching on > non-local users (which means I need to connect the IP address with an > user id or something like that). What I want is to keep the full match > together, nf_queue is a target. I'm not sure what 'keep the full match together' is supposed to mean. > It should be my last year project but it seems to be impossible to > finalize due to a lack of documentation. An alternative Method would be > keeping an array of structs with IP addresses and user IDs in the kernel > and use those. That seems like the only solution, what did you have in mind instead? > Stack now 0 1 > Cleanup: popping nterm input (: ) > <cmdline>:1:28-31: Error: No symbol type information > add rule inet filter input auth 1 accept > created using this command: > > nft --debug all add rule inet filter input auth 1 accept > > I hope this helps you to understand the error. It looks like you haven't extended nft parser yet. You need to extend both libnftnl and nft. Have a look at commit dfd92948a0a88a9f245e71c1cfb63ae670e6e7c1 rt: introduce routing expression in nftables.git for an example. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
