[pkg-netfilter-team] Bug#946932: /usr/sbin/ebtables-nft-restore requires /etc/ethertypes
Alberto Molina Coballes
alb.molina at gmail.com
Thu Dec 26 15:20:29 GMT 2019
On Thu, Dec 26, 2019 at 03:41:32PM +0100, Marco d'Itri wrote:
> OK. One more thing: can I make the names lower case like in the other
> numbers files or are they case sensitiv?
>
AFAIK they're not case sensitive, i.e. these two commands (one
lowercase and the other uppercase) work as expected:
# ebtables -A FORWARD -p arp -j ACCEPT
# ebtables -A FORWARD -p IPv6 -j ACCEPT
Listing the rules applied, there's no difference between the lowercase
and the uppercase rule (both are listed in uppercase):
# ebtables -L FORWARD
Bridge table: filter
Bridge chain: FORWARD, entries: 2, policy: ACCEPT
-p ARP -j ACCEPT
-p IPv6 -j ACCEPT
But, those protocol names are obtained from ethertypes, if they're
"lowercased" in /etc/ethertypes the output differs (now the rules are
listed in lowercase):
...
-p arp -j ACCEPT
-p ipv6 -j ACCEPT
So any tool reading from ebtables output can be broken.
I think it's better not to put the names in lowercase.
Thanks,
Alberto
More information about the pkg-netfilter-team
mailing list