Hi, ----- Original Message ----- > From: "Pablo Neira Ayuso" <pablo@xxxxxxxxxxxxx> > To: "Andreas Schultz" <aschultz@xxxxxxxx> > Cc: netfilter-devel@xxxxxxxxxxxxxxx > Sent: Tuesday, June 16, 2015 6:07:25 PM > Subject: Re: iptables nftables compat weirdness [...] > Could you help me diagnosing this problem? The nf_tables kernel side > is rejecting this with -EINVAL. Is this a new bug in the 4.1-rc > series? I've only worked with this on 4.1-rc5. I'm currently rebuilding the system for testing with 3.19 and 4.0, but this will take some time. I did inject some debug printk's and was able to track the -EINVAL to nft_target_validate. It seems that this validate is only executed when then target chain contains some rules. The validation is not executed when the target chain is empty. > > Thank you. Andreas -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
