Re: nftables element not in set

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: nftables element not in set
From: Florian Westphal <fw@xxxxxxxxx>
Date: Fri, 23 Jul 2021 01:03:43 +0200
Cc: netfilter@xxxxxxxxxxxxxxx
In-reply-to: <323b00e1-e94f-1353-59a5-4ddb1d202861@satchell.net>
References: <323b00e1-e94f-1353-59a5-4ddb1d202861@satchell.net>
User-agent: Mutt/1.10.1 (2018-07-13)

Stephen Satchell <list@xxxxxxxxxxxx> wrote:
> As the documentation currently reads, you can use set expressions like this:
> 
>   tcp dport {22,8022} accept
> 
> Is there anything in the nftables syntax that permits detecting the absence
> of a match?  Something like
> 
>   tcp not dport {22,8022}

tcp dport != { 22, 8022 } accept

References:
- nftables element not in set
  - From: Stephen Satchell

Prev by Date: nftables element not in set
Next by Date: Re: H.225.0 NAT packet mangling module?
Previous by thread: nftables element not in set
Next by thread: OK, IPv4 vs IPv6 is driving me crazy
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux