# nft -f /tmp/x
/tmp/x:3:26-36: Error: This chain type cannot be bound to device
type filter hook input device eth0 priority 0
^^^^^^^^^^^
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
src/evaluate.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/evaluate.c b/src/evaluate.c
index 84fe89eed657..fcc79386b325 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3805,6 +3805,9 @@ static int chain_evaluate(struct eval_ctx *ctx, struct chain *chain)
if (!chain->dev_expr)
return __stmt_binary_error(ctx, &chain->loc, NULL,
"Missing `device' in this chain definition");
+ } else if (chain->dev_expr) {
+ return __stmt_binary_error(ctx, &chain->dev_expr->location, NULL,
+ "This chain type cannot be bound to device");
}
}
--
2.11.0
