I should be able to test the whole thing by tomorrow.
You rock guys! :)
On Friday, 21 August 2020 17:23:33 CEST Pablo Neira Ayuso wrote:
> On Fri, Aug 21, 2020 at 05:15:21PM +0200, Balazs Scheidler wrote:
> > Hi,
> >
> > Here's the accompanying nftables patch, just in case Pablo didn't do it.
>
> Thanks Balazs, this looks good to me!
>
> > Pablo do you want me to submit these as a pull request?
>
> You can just send them via git format-patch to
> netfilter-devel@xxxxxxxxxxxxxxx.
>
> > All I did for testing was that it did compile this ruleset and attempted to
> > submit it via netlink to the kernel, which it refused, as I didn't patch my
> > kernel.
>
> I'm attaching the kernel patch, compiled-tested only by now.
>
> > ```
> > table inet haproxy {
> > chain prerouting {
> > type filter hook prerouting priority -150; policy accept;
> > socket transparent 1 socket wildcard 0 mark set 0x00000001
> > }
> > }
> > ```
>
> Thanks.
>
