[Dnsmasq-discuss] Using nftables internal "ipset" rule
Simon Kelley
simon at thekelleys.org.uk
Sat Jun 24 23:23:53 BST 2017
On 16/06/17 18:16, Jason A. Donenfeld wrote:
> Hey Simon,
>
> Fast forward 5 years from when I wrote the original ipset patch for
> dnsmasq, and I too have a need for nftables support with it. Did you
> ever figure out how to add nft sets to dnsmasq? If not, maybe I'll
> take a stab at it in the next few months.
>
> Jason
>
I didn't. Please fell free to look at this.
A thought. Rather than importing another library to access this, could
we do something that runs the command-line tool, and would be easier to
update to the next filtering solution, or the filters in other OS's. It
would be generally more flexible.
so we could have something like ipset, but which just runs an arbirary
command, (which would be "ipset add ......" for ipset) but could instead
run the nftables utility, or something completely different.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list