Jan Engelhardt <jengelh@xxxxxxx> wrote: > On Sunday 2018-08-12 23:05, Florian Westphal wrote: > > >Neal P. Murphy <neal.p.murphy@xxxxxxxxxxxx> wrote: > >> Does nftables have an equivalent of iptables' "-m time"? > > > >-m time is problematic (kernel has no idea what a timezone is). > > The kernel certainly does have a timezone (if only a limited understanding how > to use it). In its simplest form, it's UTC. Kernel doesn't know when DST transitions occur though. Its an utter mess and usually needs shell/cron scripts to catch this. I found no way to reliably prevent false matching when e.g. CET moves to CEST and vice versa.
