Re: nftables typeof concatenation support for vmap?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Frank,

On Sat, Jan 30, 2021 at 6:37 PM Frank Myhr <fmyhr@xxxxxxxxxxx> wrote:
>
> Hi,
>
> The typeof concatenation supported by map since nftables 0.95 got me
> excited about using it to goto a chain based on incoming interface and
> requested service. There are some service requests I want to dnat, so I
> tried defining a vmap:
>
> table ip ip_nat {
>    map dnat_srv {
>      typeof        iifname . ip protocol . th dport : verdict
>    }
> }
>

Try this:

table ip ip_nat {
    map dnat_srv {
        type ifname . inet_proto . inet_service : verdict
    }
}
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux