nftables nft nested loops
- Subject: nftables nft nested loops
- From: Jeremy Jackson <jerj@xxxxxxxxxxxx>
- Date: Fri, 16 Nov 2018 07:30:32 -0500
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
Dear netfilter,
I have a bash script which implements zone-based iptables firewall rules
similar to firewalld or Cisco PIX. The key ingredient is the ability to
iterate over a list of network interfaces, to create chains and rules
for every input to output interface combination:
I would like to do this with the nft utility or at least with a
libnftables C library based utility.
Would a contributed looping construct be welcomed into the nft utility?
It already has variables. A minimal implementation would be a single
keyword "permute-interfaces $iif $oif"
Regards,
Jeremy Jackson
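
The interface-pair iteration the message describes, sketched as an added example that is not part of the original post or of the nft project: a POSIX shell generator that prints an nftables ruleset with one chain per input/output interface pair. The table name `zonefw`, the chain names `fwd_<i>_<j>`, the drop policy and the script name `zones.sh` are assumptions.

```shell
#!/bin/sh
# Added example: print an nftables ruleset with one chain per
# input/output interface pair, for loading with `nft -f <file>`.
# Assumptions: table "zonefw", chains "fwd_<i>_<j>", policy drop.

# Accept only plausible interface names (at most 15 characters, from a
# conservative character set) so a name cannot inject ruleset syntax.
valid_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

gen_ruleset() {
    for i in "$@"; do
        valid_ifname "$i" || { echo "bad interface name: $i" >&2; return 1; }
    done
    echo "table inet zonefw {"
    # Per-pair chains come first so every jump target already exists.
    # They are numbered by list position to avoid name collisions.
    a=0
    for in_if in "$@"; do
        a=$((a + 1)); b=0
        for out_if in "$@"; do
            b=$((b + 1))
            echo "    chain fwd_${a}_${b} { # $in_if -> $out_if"
            echo "    }"
        done
    done
    echo "    chain forward {"
    echo "        type filter hook forward priority 0; policy drop;"
    a=0
    for in_if in "$@"; do
        a=$((a + 1)); b=0
        for out_if in "$@"; do
            b=$((b + 1))
            echo "        iifname \"$in_if\" oifname \"$out_if\" jump fwd_${a}_${b}"
        done
    done
    echo "    }"
    echo "}"
}

# Example: sh zones.sh lan wan dmz > zones.nft && nft -c -f zones.nft
if [ "$#" -gt 0 ]; then gen_ruleset "$@"; fi
```

The per-pair chains are emitted empty; zone policy rules would be added inside them before loading.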