blob: 467da3ef293278ab206d527a73758295687eb6f7 (
plain)
1
2
3
4
5
6
7
8
9
10
|
:input;type filter hook input priority 0
:ingress;type filter hook ingress device lo priority 0
*ip;test-ip;input
# can remove ip dependency -- its redundant in ip family
ip protocol tcp tcp dport 22;ok;tcp dport 22
# but not here
ip protocol tcp meta mark set 1 tcp dport 22;ok;ip protocol 6 meta mark set 0x00000001 tcp dport 22
|