[Bug 1140] New: nft dump invalid (flow table)
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sat Apr 1 19:59:41 CEST 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1140
Bug ID: 1140
Summary: nft dump invalid (flow table)
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: netfilter at d9c.eu
Hi,
test.nft:
#!/usr/bin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0;
ip protocol icmp flow table i4 { icmp type counter } accept
ip6 nexthdr icmpv6 flow table i6 { icmpv6 type counter } accept
}
}
eof
nft -f test.nft
nft list ruleset > test1.nft
nft flush ruleset
nft -f test1.nft
test1.nft:4:33-41: Error: conflicting protocols specified: inet-service vs.
icmp
flow table i4 { icmp type counter packets 0 bytes 0} accept
^^^^^^^^^
test1.nft:
table inet filter {
chain input {
type filter hook input priority 0; policy accept;
flow table i4 { icmp type counter packets 0 bytes 0} accept
flow table i6 { icmpv6 type counter packets 0 bytes 0} accept
}
}
I am using nftables v0.7 on ArchLinux x64
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170401/757e1d31/attachment.html>
More information about the netfilter-buglog
mailing list