Hi,
Dragos and I are working on getting nft support into ConnMan [1]. Now we
face a small problem with the rule we load, which are essentially:
nft add table connman
nft add chain connman nat-prerouting \
{ type nat hook prerouting priortiy 0 ; }
nft add chain connman nat-postrouting \
{ type nat hook postrouting priortiy 0 ; }
nft add chain connman filter-output \
{ type filter hook output priority 0 ; }
These work nicely using the nft CLI but when we run those commands
via libnftnl after a fresh reboot of the system, there is a ENOENT at
the third rule.
If though all related modules are loaded (e.g. via running the nft cli
first) there is no problem.
So my question is, do we need to load the modules our self first or
should the kernel load the modules by itself?
That is observed with libnftnl 1.0.5 and kernel 4.4.6.
cheers,
daniel
[1] https://lists.01.org/pipermail/connman/2016-April/000643.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
