Hello,
I'm currently playing around with nftables (Kernel 3.16.3-1, nftables 1:0.3-3). I noticed that loading /etc/nftables.conf which comes with the nftables package either by using
> systemctl start nftables
or
> nft -f /etc/nftables.conf
does nothing, as it seems. It does not give an error but trying to list the currently loaded tables using
> nft list tables
also returns an empty output. Looking at the /etc/nftables.conf file, I noticed that when I change the line
table inet filter {
...
to
table ip filter {
...
(and remove one line specific to ip6) and then reload the rules, the table seems to be added correctly:
> nft list tables
table filter
Am I overlooking something? Is "inet" still unsupported or broken? If it is not supported yet, maybe the included config file should not advertise a "Safe Firewall". But even then, why doesn't nft fail with an error?
Best regards,
Ochi
EDIT:
Never mind - I should have listed the tables using
> nft list tables inet
as "ip" is the default family.
Last edited by Ochi (2014-09-27 20:17:16)
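The pitfall in the post above (a table loaded under `inet` is invisible to a listing that defaults to `ip`) can be turned into a post-load check. The script below is an added example, not part of the original post or the nftables package: it reads the table declarations from a ruleset file and queries each one in its own family. The function names `declared_tables` and `check_loaded` are hypothetical, and the family list in the awk pattern is an assumption about which families the installed nft accepts.

```shell
#!/bin/sh
# Added example: confirm that every table declared in a ruleset file is
# loaded, asking nft about each table in the family it was declared in.

# Print "family name" for each table declaration in the file given as $1.
# A declaration without a family keyword belongs to "ip", the default.
declared_tables() {
    awk '
        { sub(/#.*/, "") }                       # strip comments
        $1 == "table" {
            if ($2 ~ /^(ip|ip6|inet|arp|bridge|netdev)$/) {
                family = $2; name = $3
            } else {
                family = "ip"; name = $2
            }
            sub(/[{].*/, "", name)               # tolerate "name{"
            print family, name
        }
    ' "$1"
}

# Query each declared table with its family stated explicitly.
# Returns 1 if any declared table is not present in the kernel.
check_loaded() {
    missing=0
    while read -r family name; do
        [ -n "$name" ] || continue
        if nft list table "$family" "$name" >/dev/null 2>&1; then
            echo "loaded:  $family $name"
        else
            echo "MISSING: $family $name"
            missing=1
        fi
    done <<EOF
$(declared_tables "$1")
EOF
    return "$missing"
}

# Usage (as root, after loading the ruleset):
#   check_loaded /etc/nftables.conf
```

A non-zero return from `check_loaded` means at least one declared table is absent, which is a different result from the empty `nft list tables` output that only reflects the default family.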