Hello,
I am trying to "compact" the following rules:
table netdev filter {
chain ingress {
type filter hook ingress device "eth0" priority -500;
# ...
meta protocol ip \
tcp flags syn \
tcp option maxseg size lt 536 \
log prefix "TCP MSS: " \
counter packets 0 bytes 0 \
drop
meta protocol ip6 \
tcp flags syn \
tcp option maxseg size lt 1220 \
log prefix "TCP MSS: " \
counter packets 0 bytes 0 \
drop
}
}
into something like:
table netdev filter {
chain ingress {
type filter hook ingress device "eth0" priority -500;
# ...
meta protocol tcp option maxseg size map lt {
ip : 536,
ip6 : 1220
} \
tcp flags syn \
log prefix "TCP MSS: " \
counter packets 0 bytes 0 \
drop
}
}
but I am getting errors, as my syntax is obviously wrong. The first error is:
Error: syntax error, unexpected size, expecting newline or semicolon
meta protocol tcp option maxseg size map lt {
^^^^
What is the correct syntax for this?
