Rosysong <rosys...@rosinson.com> wrote:
>     I met a strange issue on nftables when I ran my commands on Linux (mips 
> target, linux-4.9.102).
>     Using a specific ip address cannot restrict the traffic flow while using 
> the broadcast address is ok (The ip for my machine is 192.168.2.223). Can 
> anybody tell me why?

Looks like an endianness problem, however:

# nft list ruleset
table ip filter {
        chain input {
                type filter hook input priority 0; policy accept;
                ip daddr 10.16.64.0/21 counter packets 139 bytes 11144
        }
}

That's 4.9.103, running on s390 (also big endian).
This kernel lacks
commit 10596608c4d62cb8c1c2b806debcbd32fe657e71
netfilter: nf_tables: fix mismatch in big-endian system

but that bug only causes mismatch for matches < u32, i.e.
tcp ports and the like.