nftables - nft command line tool

diff options

author	Pablo Neira Ayuso <pablo@netfilter.org>	2019-05-22 22:06:16 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-05-24 21:14:30 +0200
commit	4b0f2a712b5792d2842d89fe68d4230e0eb05c7e (patch)
tree	954a866715d95529e65f39c3ff90920973186ac1 /src/json.c
parent	eeda228c2d1719f5b6276b40ad14a5b3c3e88536 (diff)

src: support for arp sender and target ethernet and IPv4 addresses

# nft add table arp x # nft add chain arp x y { type filter hook input priority 0\; } # nft add rule arp x y arp saddr ip 192.168.2.1 counter Testing this: # ip neigh flush dev eth0 # ping 8.8.8.8 # nft list ruleset table arp x { chain y { type filter hook input priority filter; policy accept; arp saddr ip 192.168.2.1 counter packets 1 bytes 46 } } You can also specify hardware sender address, eg. # nft add rule arp x y arp saddr ether aa:bb:cc:aa:bb:cc drop counter Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'src/json.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: