Hi, Thank you so much. I was trying to use iif instead of iifname so nft gives me the error that eth* interface does not exist. So I assume that using iif and/or oif, the interface must exists but not if using iifname and/or oifname. El jue., 14 feb. 2019 a las 10:07, Pablo Neira Ayuso (<pablo@xxxxxxxxxxxxx>) escribió: > > On Thu, Feb 07, 2019 at 05:04:21PM +0100, Miriam Rico wrote: > > Hi, > > > > I have a question about nftables. On iptables and ebtables it was > > possible to put '+' sign to englobe multiple interfaces in one > > expression, such as 'eth+' to englobe all 'eth' interfaces. > > > > For example: > > > > iptables -A INPUT -i eth+ -p tcp -j ACCEPT > > > > It is possible to do the same on nftables? > > Yes: > > nft add rule filter input iifname "eth*" counter
