[Bug 1236] New: Services list is confusingly different from the /etc/services

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sat Mar 24 23:44:20 CET 2018


https://bugzilla.netfilter.org/show_bug.cgi?id=1236

            Bug ID: 1236
           Summary: Services list is confusingly different from the
                    /etc/services
           Product: nftables
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: robin at mccorkell.me.uk

When specifying services by their string form (e.g. "domain" to refer to port
53), an internal service mapping is used (services.c in the source) rather than
the system services database at /etc/services (well, via nsswitch). This
internal service mapping is much smaller than /etc/services, and differs in the
names of some services. This makes it extremely confusing when writing rules.

I'm reporting this as a bug, not as an enhancement, since I think it's a severe
usability issue.

Context:

I've used iptables for a few years, and I wanted to make the switch to nftables
to unify IPv4 and IPv6 configuration. A lot of the syntax is great, a
significant improvement on iptables; but the one thing that stands out badly is
the service mapping. As a new user of nftables, I expect the service mapping to
be identical to /etc/services, and not have a custom, incomplete and
incompatible service list.

-- 
You are receiving this mail because:
You are watching all bug changes.
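An added example, not part of the original report and not nftables code: a small audit that parses /etc/services-format text and lists every name that is missing from, or resolves differently in, a second name-to-port table, which is the mismatch the report describes. Both tables below are constructed samples; `INTERNAL_TABLE` is a hypothetical stand-in and does not reproduce the contents of nftables' services.c.

```python
import re

# Constructed sample in /etc/services format (not copied from a real system).
SYSTEM_SERVICES = """\
# name      port/proto  aliases
domain      53/tcp
domain      53/udp
http        80/tcp      www
submission  587/tcp     msa
ntp         123/udp
"""

# Constructed stand-in for a tool-internal table (hypothetical values,
# NOT the contents of nftables' services.c).
INTERNAL_TABLE = {"domain": 53, "http": 80, "mail-submit": 587, "ntp": 1230}


def parse_services(text):
    """Parse /etc/services-format text into {name_or_alias: set_of_ports}."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        if len(fields) < 2:
            continue
        m = re.fullmatch(r"(\d+)/(\w+)", fields[1])
        if not m:
            continue  # skip malformed port/proto fields
        port = int(m.group(1))
        for name in [fields[0], *fields[2:]]:  # canonical name plus aliases
            table.setdefault(name, set()).add(port)
    return table


def diff_tables(system, internal):
    """Report names that would not resolve identically in both tables."""
    shared = set(system) & set(internal)
    return {
        "only_system": sorted(set(system) - set(internal)),
        "only_internal": sorted(set(internal) - set(system)),
        "port_mismatch": sorted(n for n in shared if internal[n] not in system[n]),
    }


if __name__ == "__main__":
    report = diff_tables(parse_services(SYSTEM_SERVICES), INTERNAL_TABLE)
    for kind, names in report.items():
        print(f"{kind}: {', '.join(names) or '-'}")
```

Any name that shows up in the report is a candidate for replacement with a numeric port in the ruleset, so the rule means the same thing regardless of which table resolves it.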