[pkg-netfilter-team] Bug#879684: nftables: cannot set rules with a script
Arturo Borrero Gonzalez
arturo at debian.org
Fri Oct 27 11:00:41 UTC 2017
Hi!
Thanks for the bug report :-)
This seems to be some kind of issue with the syntax.
If you rearrange the rules like in the attached file (based on yours)
then all the ruleset loads fine.
You seem to be mixing 2 syntaxes in the same 'batch', which seems to be
the cause of the confusion for nftables.
Syntax 1)

    add table mytable
    add chain mytable mychain
    add rule mytable mychain ip saddr 1.1.1.1 counter accept

Syntax 2)

    table mytable {
        chain mychain {
            ip saddr 1.1.1.1 counter accept
        }
    }

Both are suitable for 'nft -f', but you are mixing both. Pick one :-)
Closing this bug now, please, feel free to reopen.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: t.nft
Type: application/octet-stream
Size: 1266 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-netfilter-team/attachments/20171027/3b850629/attachment.obj>