[Bug 1200] New: anonymous sets containing port numbers
bugzilla-daemon at netfilter.org
Mon Nov 6 20:18:28 CET 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1200
Bug ID: 1200
Summary: anonymous sets containing port numbers
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: bugzilla at hard-wired.net
nftables 0.8 will fail. 0.7 was working.
An nft rule that contains an anonymous set with port numbers will just be ignored:
This will fail:
    tcp dport { ftp, ssh, smtp, domain, http } accept
This will work:
    set output_tcp_dports {
        type inet_service
        elements = { ssh, smtp, domain, http }
    }
    tcp dport @output_tcp_dports accept