Slowly working through nftables syntax, with a lot of trial and error,
my rules occasionally compile and load.
Unfortunately, they also have resulted in rules that have blocked my
access to the machine, even with (I thought) carefully ensuring that my
management interface was unrestricted.
Is there a "test" mode for nft that allows me to compile a candidate
rule set and dump the results for inspection, without loading it into
the kernel?
Jeff
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
