I followed your example and no go.
/sbin/nft add table ip blackhole
nft list tables
results: blackhole
nft add set filter blackhole { type ipv4_addr\;}
<cmdline>:1:26-42: Error: Could not add set: No such file or directory
Please send me a complete example.
I am trying to migrate my blacklist from ipset/iptables to nft since I
have 33,110 entries and counting. I want to block all forms of
communication with there ip addresses. I want to see how nft performs
by comparison. Does nft have the 65,535 limit for list size?
Jonathan
On Sun, Jun 29, 2014 at 5:12 AM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Sat, Jun 28, 2014 at 02:13:35PM -0500, Jonathan Johnson wrote:
>> http://wiki.nftables.org/wiki-nftables/index.php/Sets
>>
>> States this works and it does not.
>>
>>
>> nft add set filter blackhole { type ipv4_address\;}
>>
>> after reviewing the source code I discovered this is correct:
>>
>>
>> nft add set filter blackhole { type ipv4_addr\;}
>
> Fixed, thanks for reporting.
>
>> after using the correct syntax I get this error, which I have not
>> troubleshooted.
>>
>>
>> I modprobed all the modules starting with nft* one at a time.
>>
>>
>> <cmdline>:1:26-42: Error: Could not add set: No such file or directory
>
> I guess you forgot to create the filter table?
>
> http://wiki.nftables.org/wiki-nftables/index.php/Configuring_tables
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
