diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-09-16 21:53:17 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-09-16 21:55:31 +0200 |
commit | bd81d5e8d0fc2300c864754804ff8be74f14cfce (patch) | |
tree | 1ff14a097d4d750b6bd4ddf3a8383ee33034e1c8 /src/xdp/common/common_defines.h | |
parent | 748dab43b87c3993bdd5c697e7b778ed7a8e48a1 (diff) | |
download | vyos-1x-bd81d5e8d0fc2300c864754804ff8be74f14cfce.tar.gz vyos-1x-bd81d5e8d0fc2300c864754804ff8be74f14cfce.zip |
firewall: T2199: enable "auto-merge" on sets
vyos@vyos# show firewall
+name foo {
+ rule 1 {
+ action accept
+ packet-length 100
+ packet-length 105
+ packet-length 200-300
+ packet-length 220-250
+ }
+}
will report a nftables error upon load: Error: conflicting intervals specified
With nftables 1.0.3 there is an "auto-merge" option which corrects this:
https://lwn.net/Articles/896732/
Diffstat (limited to 'src/xdp/common/common_defines.h')
0 files changed, 0 insertions, 0 deletions