blob: 0eb172a8cf066f2098899b13842191efd493f863 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
#!/bin/bash
set -e
RULESET="table netdev x {
set x {
typeof vxlan ip saddr . vxlan ip daddr
elements = {
3.3.3.3 . 4.4.4.4,
}
}
set y {
typeof vxlan ip saddr
flags dynamic
}
chain y {
udp dport 4789 vxlan ip saddr . vxlan ip daddr { 1.1.1.1 . 2.2.2.2 } counter
udp dport 4789 vxlan ip saddr . vxlan ip daddr @x counter
udp dport 4789 update @y { vxlan ip saddr }
}
}"
$NFT -f - <<< $RULESET
|