blob: 450df7271bf68e2618653f78cc80ac06df603aea (
plain)
1
2
3
4
5
6
7
8
9
10
|
:input;type filter hook input priority 0
:ingress;type filter hook ingress device lo priority 0
*ip;test-ip;input
# can remove ip dependency -- its redundant in ip family
ip protocol tcp tcp dport 22;ok;tcp dport 22
# but not here
ip protocol tcp meta mark set 1 tcp dport 22;ok;ip protocol 6 mark set 0x00000001 tcp dport 22
|