On Tue, Jun 09, 2015 at 11:16:30AM +0000, Andreas Schultz wrote: > Hi, > > While testing iptables-compat, I've come across some weird behavior: > > # iptables-compat -t mangle -N TEST > # iptables-compat -t mangle -A PREROUTING -j TEST > > This works nicely, but when we put something in the TEST chain: > > # iptables-compat -t mangle -A TEST -j MARK --set-mark 0x80000000/0x80000000 > # iptables-compat -t mangle -A PREROUTING -j TEST > iptables-compat: Invalid argument. Run `dmesg' for more information. > > dmesg does not contain any information. > > The same problem exists for all default chains in mangle, filter and nat. > > Kernel is: 4.1-rc5 > iptables: git://git.netfilter.org/iptables, branch master, commit 0bb1859e2d6dd79a0a59c3ee65f6a78cba118b86 > nftables: git://git.netfilter.org/nftables, branch next-4.1, commit a93bc1795b272174a10d90961a248f2c620bfa2c Given that the pernet netfilter hooks are on its way to reach mainstream (Eric Bierderman is working on that). Could you help me diagnosing this problem? The nf_tables kernel side is rejecting this with -EINVAL. Is this a new bug in the 4.1-rc series? Thank you. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
