CODEWITHSUNDEEP
nftables
takaomag
takaomag

Reputation: 1635

nftables: MAC address bitwise match

I want to mark tcp/udp packets which have a source MAC address with locally administered bit.

I tried the following 4 nftables rules, the syntax is ok but nothing happens. How to match MAC addresses by bitwise operation ?

meta oifname enp4s0 ether saddr & 0f:00:00:00:00:00 == 02:00:00:00:00:00 meta l4proto {tcp, udp} ct mark set 0x0001
meta oifname enp4s0 ether saddr & 0f:00:00:00:00:00 == 06:00:00:00:00:00 meta l4proto {tcp, udp} ct mark set 0x0001
meta oifname enp4s0 ether saddr & 0f:00:00:00:00:00 == 0a:00:00:00:00:00 meta l4proto {tcp, udp} ct mark set 0x0001
meta oifname enp4s0 ether saddr & 0f:00:00:00:00:00 == 0e:00:00:00:00:00 meta l4proto {tcp, udp} ct mark set 0x0001

Upvotes: 0

Views: 140

Answers (0)

Related Questions