Hi there,
I'm trying to figure out the best way to apply a rule on a set of IP and IPv4 ranges.
My current workaround is to do the following:
RULE jump customnet
chain customnet {
ip saddr {192.0.2.0/24, 198.51.100.0/24} drop
ip6 saddr {2001:DB8:4::/48, 2001:DB8:7::/48} drop
}
I think it might be possible to do this somehow with maps and meta nfproto expressions.
BTW:
It would be nice to have an ip4 alias to better match ip6/ip rules.
Also resetting the default address family might be useful.
For example I'm using more ip6 and inet than ip.
Thank you,
Anton
