Re: "nft add element" can't find table


 



On 10 October 2016 at 20:21, James <vger_tracker@xxxxxxxxxxxxxx> wrote:
> This is "nftables/xenial,now 0.5+snapshot20151106-1 amd64" on "Release
> 16.04.1 LTS (Xenial Xerus) 64-bit", "Kernel Linux 4.4.0-38-generic x86_64".
>
> The (very simple) nft ruleset below has been working well for me.
>
> But now I've tried to add the set "blackhole" and it does make it into the
> ruleset but attempting to add an element produces:
>
> # nft add element firewall blackhole { 1.2.3.4 timeout 2h }
> <cmdline>:1:1-53: Error: Could not process rule: Table 'firewall' does not
> exist
> add element firewall blackhole { 1.2.3.4 timeout 2h }
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> #

The command is missing the family spec, i.e., 'inet'.

By default, nft will use 'ip' as family, and perhaps no table
'firewall' exists in the ip family.

BTW, perhaps you could switch to a newer version of nftables. Debian
(and Ubuntu) includes 0.6 already.
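Added example, not part of the original message: one way to find which family actually holds a table and build the family-qualified command from the reply above. It assumes `nft list tables` prints lines of the form `table <family> <name>`; the function names and the sample listing are constructed for illustration.

```shell
# Constructed sample of `nft list tables` output (assumed line format:
# "table <family> <name>").
SAMPLE_TABLES='table ip nat
table inet firewall
table ip6 mangle'

# families_for_table NAME (hypothetical helper): reads a table listing on
# stdin and prints every family in which NAME exists, one per line.
families_for_table() {
    awk -v name="$1" '$1 == "table" && NF == 3 && $3 == name { print $2 }'
}

# qualified_add_element LISTING TABLE SET ELEMENT (hypothetical helper):
# prints an "nft add element" command with an explicit family.
# Returns 1 if the table is in no family, 2 if it is in more than one.
qualified_add_element() {
    listing=$1
    table=$2
    setname=$3
    element=$4
    families=$(printf '%s\n' "$listing" | families_for_table "$table")
    count=$(printf '%s\n' "$families" | awk 'NF { n++ } END { print n + 0 }')
    case $count in
        0)
            echo "table '$table' not found in any family" >&2
            return 1
            ;;
        1)
            printf 'nft add element %s %s %s { %s }\n' \
                "$families" "$table" "$setname" "$element"
            ;;
        *)
            echo "table '$table' exists in several families, pick one:" >&2
            printf '%s\n' "$families" >&2
            return 2
            ;;
    esac
}

# On a live system, pass the real listing instead of the sample:
#   qualified_add_element "$(nft list tables)" firewall blackhole '1.2.3.4 timeout 2h'
qualified_add_element "$SAMPLE_TABLES" firewall blackhole '1.2.3.4 timeout 2h'
```

The ambiguous case matters because a table name is only unique within its family, so the same name can exist under both `ip` and `inet`.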


