Hi,

I'm stuck with something that seems very trivial, but won't work for me. In particular, I want to specify a rule to allow DNS traffic (both UDP and TCP). In its most basic form, my rules for that look something like this:

    oif eth0 udp dport domain accept
    oif eth0 tcp dport domain accept

According to these examples [1], it should also be possible to put udp and tcp into a set, e.g. something like that:

    oif eth0 {udp,tcp} dport domain accept

However, this does not work and results in a syntax error, complaining about the "dport" statement.

What am I missing here? Is it possible to simplify the above two rules into one? I have rules like this all over the place, so it would be a huge win for me.

Thanks!

Best regards,
Karol Babioch

[1]: https://home.regit.org/2014/01/why-you-will-love-nftables/