Re: [PATCH] extensions: libip6t_hbh: Add translation to nft

2016-06-02 Thread Laura Garcia
On Thu, Jun 02, 2016 at 01:08:47PM +0200, Pablo Neira Ayuso wrote: > On Thu, Jun 02, 2016 at 12:08:08AM +0200, Laura Garcia Liebana wrote: > > Add translation for Hop-By-Hop header to nftables. Hbh options are not > > supported yet in nft. > > It would be good to document this in the wiki, as

Re: [PATCH] extensions: libip6t_hbh: Add translation to nft

2016-06-02 Thread Pablo Neira Ayuso
On Thu, Jun 02, 2016 at 12:08:08AM +0200, Laura Garcia Liebana wrote: > Add translation for Hop-By-Hop header to nftables. Hbh options are not > supported yet in nft. It would be good to document this in the wiki, as Shivani did already. It would be also good if you can document what is missing

[PATCH] extensions: libip6t_hbh: Add translation to nft

2016-06-01 Thread Laura Garcia Liebana
Add translation for Hop-By-Hop header to nftables. Hbh options are not supported yet in nft. $ sudo ip6tables-translate -t filter -A INPUT -m hbh --hbh-len 22 nft add rule ip6 filter INPUT hbh hdrlength 22 counter $ sudo ip6tables-translate -t filter -A INPUT -m hbh ! --hbh-len 22 nft add rule

Re: [PATCH] extensions: libip6t_hbh: Add translation to nft

2016-03-02 Thread Shivani Bhardwaj
On Wed, Mar 2, 2016 at 5:19 PM, Pablo Neira Ayuso wrote: > On Wed, Mar 02, 2016 at 03:22:43AM +0530, Shivani Bhardwaj wrote: >> Add translation for module hop-by-hop to nftables. >> Full translation of this match awaits the support for --hbh-opts option. >> >> Examples: >> >>

Re: [PATCH] extensions: libip6t_hbh: Add translation to nft

2016-03-02 Thread Pablo Neira Ayuso
On Wed, Mar 02, 2016 at 03:22:43AM +0530, Shivani Bhardwaj wrote: > Add translation for module hop-by-hop to nftables. > Full translation of this match awaits the support for --hbh-opts option. > > Examples: > > $ sudo ip6tables-translate -A INPUT -m hbh --hbh-len 33 > nft add rule ip6 filter

[PATCH] extensions: libip6t_hbh: Add translation to nft

2016-03-01 Thread Shivani Bhardwaj
Add translation for module hop-by-hop to nftables. Full translation of this match awaits the support for --hbh-opts option. Examples: $ sudo ip6tables-translate -A INPUT -m hbh --hbh-len 33 nft add rule ip6 filter INPUT hbh hdrlength 33 counter $ sudo ip6tables-translate -A INPUT -m hbh !