Displaying 3 results from an estimated 3 matches for "base_allowed_incoming_tcp_port".
Did you mean:
base_allowed_incoming_tcp_ports
2020 Aug 28
4
[Bug 1456] New: Consider eliding empty variables if expanded within an element list
...o at netfilter.org
Reporter: kfm at plushkava.net
This concerns a minor usability issue that I noticed after evaluting some of
the criticism in the GitHub issue referenced by bug 1434. In the GitHub issue,
one critic complains that this sample ruleset does not work as expected:
define BASE_ALLOWED_INCOMING_TCP_PORTS = {22, 80, 443}
define EXTRA_ALLOWED_INCOMING_TCP_PORTS = {}
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
tcp dport {$BASE_ALLOWED_INCOMING_TCP_PORTS,
$EXTRA_ALLOWED_INCOMING_TCP_PORTS} ct state new counter accept
}
}
Currently, this...
2020 Oct 27
0
[ANNOUNCE] nftables 0.9.7 release
...comment "list of unwanted traffic by IP address"
elements = { 1.1.1.1, 1.2.3.4 }
}
}
You can also specify comments in tables and stateful objects (such
as quota, limit and counters).
* Support for defining empty sets in variables:
define BASE_ALLOWED_INCOMING_TCP_PORTS = {22, 80, 443}
define EXTRA_ALLOWED_INCOMING_TCP_PORTS = {}
table inet x {
chain y {
type filter hook input priority 0; policy drop;
ct state new tcp dport { $BASE_ALLOWED_INCOMING_TCP_PORTS, $EXTRA_ALLOWED_INCOMING_TCP_PORTS } counter accept
}
}
* Al...
2020 Jun 18
10
[Bug 1434] New: Usability improvements, enabling creation of complex firewalls
https://bugzilla.netfilter.org/show_bug.cgi?id=1434
Bug ID: 1434
Summary: Usability improvements, enabling creation of complex
firewalls
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft