Hi,
is there an elegant way in either ip{,6}tables or nftables to match
addresses in packets against all the addresses set on a specific local
interface?
I've seen this with pf where you can write "( if0 )" instead of a source
or target address to achieve just that.
As of now I have a small daemon monitoring rtnetlink events, using them
to maintain ipsets for ip{,6}tables which seems rather cumbersome and
fragile.
--
Thanks,
Michael
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
