Jan Engelhardt wrote:
On Saturday 2010-12-18 22:51, Mr Dash Four wrote:
Members:
192.168.0.0,tcp:80
192.168.0.1,tcp:53
192.168.0.1,tcp:80
192.168.0.2,tcp:80
192.168.0.1,udp:53
192.168.0.3,tcp:80
By 'something' I mean either omission of the protocol, or 'all' to
be specified instead of the protocol to mean no matching on protocol
would be made (in other words the protocol to be disregarded).
If you don't check the protocol, you cannot know if there even is
a port number. Not all L4 protocols have ports.
OK, let me rephrase that: I do not wish to add 2x times as many members
in a particular set when I am not interested in the protocol match -
whether it is tcp or udp for me is irrelevant, all I am interested in is
the ip subnet and the port number.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
