[pkg-netfilter-team] Bug#887643: Error: syntax error, unexpected ., expecting comma or '}'

ad^2 adsquaired at gmail.com
Thu Jan 18 16:41:54 UTC 2018 

Package: nftables
Version: 0.8.1-1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate
***

   * Converting working iptables rules to nft rules.
   * Original iptables rule
     ** -A INPUT -s 10.0.0.0/8 -d 10.0.0.0/8 -i eth0 -p udp -m udp --dport
25 -j ACCEPT
     ** -A INPUT -s 10.0.0.0/8 -d 10.0.0.0/8 -i eth0 -p udp -m udp --dport
80 -j ACCEPT
   * translated to nftables
     ** nft add map mapper incoming {type ipv4_addr . ipv4_addr .
inet_service : verdict \;}
     ** nft add rule mapper input ip saddr . ip daddr . tcp dport vmap
@incoming
     ** nft add element mapper incoming { 10.0.0.0/8 . 10.0.0.0/8 . 25 :
accept }

   * Error
     ** <cmdline>:1:42-42: Error: syntax error, unexpected ., expecting
comma or '}'
   * This works although its not valid - note CIDR notation is removed.
     ** add element mapper incoming { 10.0.0.0 . 10.0.0.0 . 10050 : accept }

   * There is an expectation CIDR notation will work with the ipv4_addr
type when it works with saddr and daddr..


-- System Information:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-87-generic (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US: (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nftables depends on:
ii  dpkg          1.18.4ubuntu1.3
ii  libc6         2.23-0ubuntu9
ii  libgmp10      2:6.1.0+dfsg-2
ii  libmnl0       1.0.3-5
ii  libnftnl7     1.0.9-2
ii  libreadline7  7.0-3
ii  libxtables12  1.6.1-2+b1

nftables recommends no packages.

nftables suggests no packages.

-- no debconf information
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-netfilter-team/attachments/20180118/5c9ff6a8/attachment.html>

More information about the pkg-netfilter-team mailing list