On Wed, Mar 08, 2017 at 02:16:09PM +0100, Pablo Neira Ayuso wrote: > After this patch: > > # iptables-translate -I INPUT -s yahoo.com > nft insert rule ip filter INPUT ip saddr 206.190.36.45 counter > nft insert rule ip filter INPUT ip saddr 98.138.253.109 counter > nft insert rule ip filter INPUT ip saddr 98.139.183.24 counter > The first run returns similiar to above, but subsequent runs returns one extra nft printed at the end. # iptables-translate -I INPUT -s yahoo.com nft insert rule ip filter INPUT ip saddr 98.139.183.24 counter nft insert rule ip filter INPUT ip saddr 206.190.36.45 counter nft insert rule ip filter INPUT ip saddr 98.138.253.109 counter nft # git ll 48ad179bfdfd (libxtables: abolish AI_CANONNAME, 2017-03-08) # git ll c6df55d6ebbe6102ac5136ae38813bea42d8c782 c6df55d6ebbe (iptables-translate: print nft command for each expand rules via dns names, 2017-03-08) Thanks. -- Mit freundlichen Grüßen Alexander Alemayhu -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
