[Bug 1310] syntax issue with tproxy
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Wed Apr 3 22:26:11 CEST 2019
https://bugzilla.netfilter.org/show_bug.cgi?id=1310
Michał Mirosław <mirq-boogs at rere.qmqm.pl> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mirq-boogs at rere.qmqm.pl
--- Comment #2 from Michał Mirosław <mirq-boogs at rere.qmqm.pl> ---
Debian's version is v0.9.0 and doesn't support tproxy yet.
I tried current git master, but there seem to be some bugs left:
# /usr/local/sbin/nft list ruleset
table inet filter {
chain divert {
type filter hook prerouting priority mangle; policy accept;
}
}
# /usr/local/sbin/nft add rule inet filter divert ip daddr 0.0.0.0/0 meta
l4proto tcp tproxy to :2000
Error: Conflicting network layer protocols.
add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy to :2000
^^^^^^^^^^^^^^^
# /usr/local/sbin/nft add rule inet filter divert ip daddr 0.0.0.0/0 meta
l4proto tcp tproxy ip to :2000
Error: syntax error, unexpected colon
add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy ip to
:2000
^
Adding rule without 'ip daddr 0.0.0.0/0' works with 'tproxy to :2000', but
fails the parse as above with 'tproxy ip to :2000'.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190403/c846e256/attachment.html>
More information about the netfilter-buglog
mailing list