[pkg-netfilter-team] Bug#916863: Bug#916863: [nftables] tproxy action not parsed correctly
Michał Mirosław
mirq-deboogs at rere.qmqm.pl
Wed Dec 19 17:22:02 GMT 2018
On Wed, Dec 19, 2018 at 06:05:10PM +0100, Arturo Borrero Gonzalez wrote:
> On 12/19/18 5:57 PM, Michał Mirosław wrote:
> > Package: nftables
> > Version: 0.9.0-2
> > Severity: normal
> >
> > --- Please enter the report below this line. ---
> >
> > # nft add rule inet filter divert 'ip6 daddr ::/0 meta l4proto tcp tproxy to :2000 meta mark set 1 accept'
> > Error: syntax error, unexpected to
> > add rule inet filter divert ip6 daddr ::/0 meta l4proto tcp tproxy to :2000 meta mark set 1 accept
> > ^^
> >
> > RedHats have the same problem: https://bugzilla.redhat.com/show_bug.cgi?id=1651813
> >
>
> This may be a bug in the documentation.
>
> Try something like:
>
> * tproxy ip to 192.0.2.1
> * tproxy ip6 to [2001:db8::1]:50080

It accepts an address, but then barfs at anything further, even EOL.

# nft add rule inet filter divert 'ip6 daddr ::/0 meta l4proto tcp tproxy ip6 [::1]'
Error: syntax error, unexpected newline
add rule inet filter divert ip6 daddr ::/0 meta l4proto tcp tproxy ip6 [::1]
^