On 2020-09-16 11:05, Siebzehn wrote: > Hello, > > I'm filtering Address-Ranges and Ports to let them though. However it > doesn't seem to accept "flags intervals". > Even the Example on the wiki isn't getting accepted! > > Example from > https://wiki.nftables.org/wiki-nftables/index.php/Concatenations#Network_addresses > flush ruleset > table inet mytable { > set myset { > type ipv4_addr . ipv4_addr > flags interval > elements = { 192.168.0.0/16 . 172.16.0.0/25, > 10.0.0.0/30 . 192.168.1.0/24, > } > } > > chain mychain { > ip saddr . ip daddr @myset counter accept > } > } > Make sure you are using: * nftables >= 0.9.4 * kinux kernel >= 5.6 regards.
