Pedretti Fabio <pedretti.fabio@xxxxxxxxx> wrote:
> Hi, I tried iptables 1.8 with the new nf_tables back-end using the
> Debian 1.8.0-1~exp1 package with my firewall script.
>
> It seems to properly load most rules, however I am getting an error
> when negating an interface and using protocol ports, which works fine
> with classic iptables.
>
> Specifically these work OK:
> # iptables -A INPUT ! -i eth0 -p udp -j ACCEPT
> # iptables -A INPUT -i eth0 -p udp --dport 5202 -j ACCEPT
>
> But when using an interface negation with --sport or --dport it
> reports an error, here is an example:
> # iptables -A INPUT ! -i eth0 -p udp --dport 5202 -j ACCEPT
> iptables v1.8.0 (nf_tables): RULE_APPEND failed (Invalid argument):
> rule in chain INPUT

Thanks for reporting, I think we should make a 1.81 release soon, this
bug is fixed in iptables.git already.

I'll prepare this, if there are objections please let me know.