Hi,
I’m still a newbie to nftables and couldn’t distinguish right behavior from a bug.
I found a weird behavior of nft command.
# nft -f /etc/nftables/inet-filter
# nft add rule inet filter input log drop
# nft add rule inet filter input ip saddr 192.168.1.21 // without any action like ‘drop’, ‘accept’, ‘log’ and so on
# nft list chain inet filter input
table inet filter {
chain input {
type filter hook input priority 0;
log drop
^C << - - - - - - - break
I have 2 questions.
1. Adding a rule without any action didn’t result any error. Was it correct behavior?
2. After adding a rule, nft didn’t return, needed to break, ^C. Was it a bug?
My environment was as followings.
nftables-0.100-3.20140704git.fc21.x86_64
libnftnl-1.0.2-1.fc21.x86_64
kernel-3.15.4-200.fc20.x86_64
Best Rio.--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
