Re: cannot use != with ct status

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Oct 14, 2020 at 04:16:40AM +0000, Ramsay, Lincoln wrote:
> Hi,
> 
> I've just confirmed that I can't make a rule that matches ct status != dnat.

ct status == dnat and ct state != dnat checks for _exact_ matching.

Then:

        ct status dnat

based on the datatype, provides a shortcut for

        ct status and dnat == dnat

For inverted matching, please use:

        ct status and dnat != dnat
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux