[Bug 1307] New: Implement interface for 'ipv4_addr' in arptables

Mon Dec 3 17:25:57 CET 2018

https://bugzilla.netfilter.org/show_bug.cgi?id=1307

            Bug ID: 1307
           Summary: Implement interface for 'ipv4_addr' in arptables
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: kvapss at gmail.com

There is only way for specify IPv4 address for arp filters for now:

    plen 4 @nh,64,32 XXXXXXXXXX (source ip)
    plen 4 @nh,96,32 XXXXXXXXXX destination ip)

Where XXXXXXXXXX is ip in decimal format.

Need opportunity for specify source and destination IPv4 address same way like
saddr and daddr.

We need more user-friendly keys and support 'ipv4_addr' type for them.

Using ipsets for arptables is not working because of that too:

> Error: datatype mismatch, expected integer, expression has type IPv4 address
> add rule arp filter input arp operation request arp plen 4 @nh,96,32 @k8s_services counter drop
>                                                            ~~~~~~~~~ ^^^^^^^^^^^^^

And no way for using integers in sets:
https://www.spinics.net/lists/netfilter-devel/msg36817.html

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20181203/44c1ee00/attachment.html>