[Bug 993] New: nft produces incorrect output when a reject rule is added using nft -f
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Tue Dec 30 14:18:02 CET 2014
https://bugzilla.netfilter.org/show_bug.cgi?id=993
Bug ID: 993
Summary: nft produces incorrect output when a reject rule is
added using nft -f
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Fedora
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: lantw44 at gmail.com
When I inserted this simple rule using 'nft -f':
table inet filter {
chain input {
reject with icmp type host-prohibited
}
}
'nft list table inet filter' showed differenct output:
table inet filter {
chain input {
reject
}
}
Things after the reject command are missing. This problem doesn't happen when
the rule is added using 'nft add rule'.
When I tried to restore the settings produced by 'nft list table inet filter',
it showed 'Error: Could not process rule: Invalid argument' on Fedora 21 (which
uses Linux 3.17.7), but it worked on Fedora rawhide (which uses Linux 3.18.1).
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20141230/1d5a4b30/attachment.html>
More information about the netfilter-buglog
mailing list