You are not logged in.
- Topics: Active | Unanswered
#1 2019-10-16 10:16:01
- blochl
- Member
- Registered: 2018-08-31
- Posts: 77
Nftables Wiki question - possible typo?
On the Nftables Wiki page (https://wiki.archlinux.org/index.php/Nftables) there's this line in the "Simple_stateful_firewall" section:
`nft add rule inet filter input counter reject with icmp type prot-unreachable`
I'm wondering, is it correct, ("protocol unreachable") or should it end with "port-unreachable" instead?
Offline
#2 2019-10-16 10:42:44
- schard
- Forum Moderator
- From: Hannover
- Registered: 2016-05-06
- Posts: 1,985
- Website
Re: Nftables Wiki question - possible typo?
This is obviously a typo. If you search the article for "port-unreachable", you'll see that this is used more frequently.
Also the official nftables wiki would have cleared this up.
Feel free to correct the typo.
Oops. I was too quick to judge this.
prot-unreachable is actually used for protocol unreachable.
I think that it's used corretly in the Wiki.
Probably the nftables devs wanted to troll the users with this, since protocol is more commonly abbreviated as "proto", which would circumvent any possible confusion.
Last edited by schard (2019-10-16 10:47:07)
macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }
Offline
#3 2019-10-16 12:57:32
- blochl
- Member
- Registered: 2018-08-31
- Posts: 77
Re: Nftables Wiki question - possible typo?
Yeah, because I did see "prot-unreachable" in other sources as well, but much less frequently than "port-unreachable". So I wondered whether it's a typo which is just being copied from example to example. But now it looks like it isn't. Thanks.
Offline