[Bug 1236] New: Services list is confusingly different from the /etc/services
bugzilla-daemon at netfilter.org
Sat Mar 24 23:44:20 CET 2018
https://bugzilla.netfilter.org/show_bug.cgi?id=1236
Bug ID: 1236
Summary: Services list is confusingly different from the /etc/services
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: robin at mccorkell.me.uk

When specifying services by their string form (e.g. "domain" to refer to port
53), an internal service mapping is used (services.c in the source) rather than
the system services database at /etc/services (well, via nsswitch). This
internal service mapping is much smaller than /etc/services, and differs in the
names of some services. This makes it extremely confusing when writing rules.

I'm reporting this as a bug, not as an enhancement, since I think it's a severe
usability issue.

Context:

I've used iptables for a few years, and I wanted to make the switch to nftables
to unify IPv4 and IPv6 configuration. A lot of the syntax is great, a
significant improvement on iptables; but the one thing that stands out badly is
the service mapping. As a new user of nftables, I expect the service mapping to
be identical to /etc/services, and not have a custom, incomplete and
incompatible service list.
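
One way to sidestep the mismatch described in the report is to pin symbolic service names in a ruleset to numeric ports before loading it, so the rules mean the same thing whichever name table is consulted. The sketch below is an added example, not part of the bug report or of nftables: the function names, the regex (which only covers simple `tcp|udp dport|sport` matches with a single value or a `{ ... }` set) and both sample inputs are assumptions constructed for illustration.

```python
import re

# Constructed sample in /etc/services format (not copied from a real system).
SAMPLE_SERVICES = """\
# name          port/proto      aliases
ssh             22/tcp
domain          53/tcp
domain          53/udp
http            80/tcp          www
"""

# Constructed sample rule lines using symbolic service names.
SAMPLE_RULES = """\
tcp dport { ssh, www, 8080 } accept
udp dport domain accept
tcp dport no-such-service drop
"""

def parse_services(text):
    """Return {(name, proto): port} for every name and alias in the text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            for name in [fields[0]] + fields[2:]:
                table.setdefault((name, proto), int(port))
    return table

MATCH = re.compile(r"\b(tcp|udp) (dport|sport) (\{[^}]*\}|\S+)")

def pin_ports(rules, table):
    """Rewrite service names to numeric ports; return (text, unresolved)."""
    unresolved = []

    def resolve(proto, token):
        if re.fullmatch(r"\d+(-\d+)?", token):
            return token                          # already a port or a range
        port = table.get((token, proto))
        if port is None:
            unresolved.append((proto, token))     # leave as-is for manual review
            return token
        return str(port)

    def rewrite(m):
        proto, field, value = m.groups()
        if value.startswith("{"):
            items = [resolve(proto, t.strip()) for t in value.strip("{} ").split(",")]
            return f"{proto} {field} {{ {', '.join(items)} }}"
        return f"{proto} {field} {resolve(proto, value)}"

    return MATCH.sub(rewrite, rules), unresolved

if __name__ == "__main__":
    pinned, missing = pin_ports(SAMPLE_RULES, parse_services(SAMPLE_SERVICES))
    print(pinned, missing)
```

Names that the supplied services text does not define are returned in the second value rather than guessed, so they can be reviewed by hand.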