While rewriting my ip(6)tables firewall to nftables, I combined a bunch of rules into one. Now there are two rules that I can't seem to combine: rules that forward portA tcp and portB udp to the same IP address.
The closest example I could find is the rule listed at
https://wiki.nftables.org/wiki-nftab...s#Literal_sets
Code:
nft add rule ip filter input ip saddr . ip daddr . ip protocol { 1.1.1.1 . 2.2.2.2 . tcp, 1.1.1.1 . 3.3.3.3 . udp} counter accept
This rule allows two combinations of source address, destination address and protocol. I've been trying to rewrite it to allow combinations of ports and protocol.
So far without success.
Does anyone know if what I am trying to do here is even possible?