Jakub Kicinski <kuba@xxxxxxxxxx> wrote: > On Wed, 24 Jan 2024 12:13:43 -0800 Jakub Kicinski wrote: > > > if that is the nftables backend, it might be also that .config is > > > missing CONFIG_NF_TABLES and CONFIG_NFT_COMPAT there, among other > > > options. > > > > FWIW full config: > > > > https://netdev-2.bots.linux.dev/vmksft-net-mp/results/435321/config > > > > CONFIG_NFT_COMPAT was indeed missing! Let's see how it fares with it enabled. > > NFT_COMPAT fixed a lot! One remaining warning comes from using > -m length. Which NFT config do we need for that one? CONFIG_NETFILTER_XT_MATCH_LENGTH=m|y
