]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0c512cf) | patch
netlink: Allow to invert the ranges
authorÁlvaro Neira Ayuso <alvaroneay@gmail.com>
Wed, 28 May 2014 10:08:22 +0000 (12:08 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 5 Jun 2014 14:55:01 +0000 (16:55 +0200)
commitc000b14c35bf7722225a334ea3461976e78561dd
treebd7623b217aafd44c44372e9621fc6f69741bbe9tree | snapshot
parent0c512cf7f26363713b8c76a6a826e2401e21907fcommit | diff
netlink: Allow to invert the ranges

This patch fix the bug:

http://bugzilla.netfilter.org/show_bug.cgi?id=924

Before, nftables doesn't permit invert ranges. This patch allows
add rules like this:

nft add rule ip test input ip daddr != 192.168.1.2-192.168.1.55
or
nft add rule ip test input ip daddr == 192.168.1.2-192.168.1.55

Also, we still have the option for adding rules like this:

sudo nft add rule ip test output frag id 33-45

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/netlink_linearize.c diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables