Thanks Arturo > I'm using Debian, of course :-) I see that Debian Sid has kernel 4.7.8-1, where Arch is at kernel 4.8.4-1. So I tried loading the test.nft on a machine running the Arch lts kernel, 4.4.27-1. It loaded without any problem. At this point, I will infer that nftables-0.6 or libnftnl 1.0.6 is not playing well with linux 4.8, where there seems to be a problem on both 4.8.1 and 4.8.4, but not on 4.4.27 or 4.7.8. Is there any way you could try loading test.nft with a recent 4.8 kernel? > You could check the config of your kernel. That error message seems to > come from the kernel. That makes sense, since this issue seems to track with kernel version. > Please, check NF_TABLES* and NFT_* symbols (also NF_*) No problem there. Those modules are all enabled. > Yes, the error reporting in the 'nft -f' situation is something to improve, > specially with kernel reported errors. Assuming this issue is something to do with linux kernel interaction, any suggestion about where to look next? Has the kernel changed the nft_reject sysfs interface? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
