Hi Ross, On Fri, Dec 03, 2021 at 10:33:55PM -0800, Ross Boylan wrote: > https://wiki.nftables.org/wiki-nftables/index.php/Simple_ruleset_for_a_home_router > include a number of rules like > > ip protocol . th dport vmap { tcp . 22 : accept, udp . 53 : > accept, tcp . 53 : accept, udp . 67 : accept} > with possibly 2 different uses of ".", namely 'ip protocol .' and 'udp . 67'. > What do those "."'s mean? > > I've looked in available documentation, but can't tell. > > Thanks. > Ross Boylan "." is the symbol for concatenation. It's been missing from the man page forever. I was going to submit a patch to add "." but wasn't really sure when you could use it so I never did. The rule defines a Verdict Map (vmap) whose elements are a concatenation of ip protocol and Transport Header (th) Destination Port (dport). Accept tcp.ssh, udp.domain, tcp.domain and udp.bootps (udp & tcp are IP protocols). Post back if I didn't explain well enough. cc: netfilter-devel in the hope someone could update the man page. Cheers ... Duncan.
