ip sets add remove

I created a set of IPs:
#!/bin/bash
NFT=/usr/sbin/nft
$NFT add set inet filter ALLOWIPS { type ipv4_addr \; flags constant, interval \; }
$NFT flush set inet filter ALLOWIPS
$NFT add element inet filter ALLOWIPS { 172.17.0.0/24 }
$NFT add element inet filter ALLOWIPS { 192.168.0.0/24 }
$NFT add element inet filter ALLOWIPS { 192.168.1.58 }
$NFT add element inet filter ALLOWIPS { 192.168.1.89 }
$NFT add element inet filter ALLOWIPS { 192.168.1.125 }
$NFT add element inet filter ALLOWIPS { 192.168.1.179 }
$NFT add element inet filter ALLOWIPS { 192.168.1.212 }

Then I use this set:
# nft add rule inet filter input iifname int1 ip daddr 8.8.8.8 ip saddr @ALLOWIPS accept

But when I try to remove / add IPs I get:
# nft add element inet filter ALLOWIPS { 192.168.1.58 }
Error: Could not process rule: Device or resource busy
add element inet filter ALLOWIPS { 192.168.1.58 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
# nft flush set inet filter ALLOWIPS
Error: Could not process rule: Device or resource busy
flush set inet filter ALLOWIPS
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Why?





