Marek Küthe <m-k-mailling-list@xxxxxxx> wrote:
> > > 1) Is it possible to perform OR operations in nftables? For example
> > > `ip6 saddr ::/128 OR ip saddr 127.0.0.1/8 accept;` As far as I
> > > understand it, everything else is concatenated with AND.
> >
> > No. Nor would a set suffice, as ipv4_addr and ipv6_addr elements cannot be mixed.
>
> Too bad nftables doesn't have something like that.
Anon chain would come closest:
iifname "lo" jump {
ip saddr 127.0.0.0/8 accept
ip6 saddr ::1 accept
}
