Re: nftables: How to stop further chain traversal after accept verdict

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What is use of table chains if they are not decision makers in accept case?
We mostly know what to accept and deny everything else. Is this cannot
be done with nftables?

On Tue, Jun 6, 2023 at 9:29 PM <seentr@xxxxxxxxxxxx> wrote:
>
> You can try to set mark as well as accept them. This way you will be able to determine in the following chains that some of previous ones had accepted it.
>
> 2023-06-06T15:40:03Z Tushar Shinde <mtk.tushar@xxxxxxxxx>:
>
> > Hi,
> >
> > I have asked the same question to super users. But I looks like I need
> > help from experts.
> >
> > https://superuser.com/questions/1787416/nftables-how-to-stop-further-chain-traversal-after-accept-verdict
> >
> > Question is, If there are multiple tables (possibly owned by multiple
> > teams/projects ), if a rule is accepted by one of the tables in the
> > chain, how to stop looking into the next high priority chain. Right
> > now my observation is ACCEPT just stops processing the current chain
> > and jump to next table. If this is last table then only ACCEPT will
> > work, otherwise this ACCEPT is useless.
> > Logs are on SU post.
> >
> > Kindly correct me if I am wrong.
> >
> > Thank you,
> > Tushar.




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux