On Wed, Jun 05, 2024 at 05:35:32PM -0700, Jakub Kicinski wrote: > On Wed, 5 Jun 2024 11:28:17 +0800 Jianguo Wu wrote: > > > sysctl: cannot stat /proc/sys/net/netfilter/nf_hooks_lwtunnel: No such file or directory > > > Warning: Extension rpfilter revision 0 not supported, missing kernel module? > > > iptables v1.8.9 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain PREROUTING > > > > > > > What is your kernel version? The file was introduced from v5.15-rc1 > > > > > Looks we are missing some config in selftest net/config. > > > > > > > Sorry, I can't find what config to add, please tell me. > > Please follow the instructions from here: > https://github.com/linux-netdev/nipa/wiki/How-to-run-netdev-selftests-CI-style > the kernel we build for testing is minimal. > > We see this output: > > # ################################################################################ > # TEST SECTION: SRv6 VPN connectivity test with netfilter enabled in routers > # ################################################################################ If I run the test specifically, I also got error: sysctl: cannot stat /proc/sys/net/netfilter/nf_hooks_lwtunnel: No such file or directory This is because CONFIG_NF_CONNTRACK is build as module. The test need to load nf_conntrack specifically. I guest the reason you don't have this error is because you have run the netfilter tests first? Which has loaded this module. > # Warning: Extension rpfilter revision 0 not supported, missing kernel module? > # iptables v1.8.8 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain PREROUTING > # Warning: Extension rpfilter revision 0 not supported, missing kernel module? > # iptables v1.8.8 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain PREROUTING Just checked, we need CONFIG_IP_NF_MATCH_RPFILTER=m in config file. Thanks Hangbin
