On Fri, Oct 02, 2020 at 11:03:34AM +0200, Phil Sutter wrote:
> Payload expression works on byte-boundaries, leverage this with suitable
> prefix lengths.
Interesing. But it kicks in the raw payload expression in nftables.
# nft list ruleset
table ip filter {
chain INPUT {
type filter hook input priority filter; policy accept;
@nh,96,24 8323072 counter packets 0 bytes 0
}
Would you send a patch for nftables too? There is already approximate
offset matching in the tree, it should not be too hard to amend.
Thanks.
