Hello,
I hope I am in the right place. I have two questions about nftables:
1) Is it possible to perform OR operations in nftables? For example
`ip6 saddr ::/128 OR ip saddr 127.0.0.1/8 accept;` As far as I
understand it, everything else is concatenated with AND.
2) I want to see how many IPv4 packets I can get with the Evil Bit
(RFC3514). Since there seems to be no native function for this in
nftables, I seem to have to use raw payload expression. So I have
set up the following:
@th,6,1 & 0x80 = 0x80 \
log prefix "[nftables] Evil bit: " counter reject;
However, `Error: syntax error, unexpected '='` appears. What is the
reason for this? How can I formulate this expression correctly?
I would really appreciate your answers!
Greetings
Marek Küthe
--
Marek Küthe
m.k@xxxxxxx
er/ihm he/him
Attachment:
pgpEwJ_qWYNXo.pgp
Description: OpenPGP digital signature
