[Bug 1736] nftables - dynamic update for verdict map from the packet path
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Tue Mar 19 13:28:22 CET 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1736
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
(In reply to dinhtrason from comment #0)
> Is there any other alternatives for this issue with the latest nft version?
I have seen rulesets which rely in meta mark to achieve this, thus, you use the
'update' statement to add mappings using any key : meta mark. Then, use the
meta mark for the verdict map lookup to know what chain to visit in the
ruleset.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240319/cf292713/attachment.html>
More information about the netfilter-buglog
mailing list