git.ipfire.org Git - thirdparty/nftables.git/commit

]> git.ipfire.org Git - thirdparty/nftables.git/commit

projects / thirdparty / nftables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 17 Mar 2015 15:36:15 +0000 (16:36 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 17 Mar 2015 16:26:03 +0000 (17:26 +0100)
commit	acdfae9c3126ff8716c93713f13e8e31a85d5e95
tree	3b6c0d51c0062c54243d62565330ea99bba6ab23	tree
parent	ac3a68fb768b7f0e20493038139faa4704dc1846	commit \| diff

src: allow to specify the default policy for base chains

The new syntax is:

nft add chain filter input { hook input type filter priority 0\; policy accept\; }

but the previous syntax is still allowed:

nft add chain filter input { hook input type filter priority 0\; }

this assumes default policy to accept.

If the base chain already exists, you can update the policy via:

nft add chain filter input { policy drop\; }

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

doc/nft.xml		diff \| blob \| blame \| history
include/rule.h		diff \| blob \| blame \| history
src/netlink.c		diff \| blob \| blame \| history
src/parser_bison.y		diff \| blob \| blame \| history
src/rule.c		diff \| blob \| blame \| history

Mirror of git://git.netfilter.org/nftables

RSS Atom