search for: aksecurity

...tant value, e.g. ct mark Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter: aksecurity at gmail.com I'd like to filter e.g. "@ih,0,32 ct mark", but that results in a syntax error (whereas "@ih,0,32 123" does not). Example: # nft 'add rule inet foo bar udp sport 1234 @ih,0,32 ct mark' Error: syntax error, unexpected ct add rule inet foo bar udp sport...

...Product: netfilter/iptables Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: unknown Assignee: netfilter-buglog at lists.netfilter.org Reporter: aksecurity at gmail.com I noticed that while I can write payload data into ct mark (and into meta mark), I cannot copy data from ct mark (and meta mark) into the packet. NFT complains about mismatching types (expecting integer, but ct mark is "packet mark" type). But this type mismatch doesn't...