Package: netfilter
Version: nftables
Severity: important

Dear Maintainer,

I'm trying to filter broadcasts with netfilter in the output chain. Input is working with pkttype broadcast, but on output I get no matches. I tested that by using the destination addr 255.255.255.255 for catching broadcasts, and that works. Basically I'm trying to allow DHCP communication (the broadcast part).

You can easily test this by inserting those rules directly at the top of the output chain, e.g. (on input it works):

rule:
    nft add rule inet t1 c_output oifname ${zone_dev} meta pkttype { broadcast, multicast} counter goto ${zone_out}

-- System Information:
Debian Release: 10.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled