I actually have same problem if I use config file and there families are defined:
#!/usr/sbin/nft -f
table ip ipv4_filter {
chain incoming{
type filter hook input priority 0; policy drop;
tcp dport {ssh} log accept
}
}
> On March 19, 2018 at 12:52 AM Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx> wrote:
>
>
> On Sun, Mar 18, 2018 at 11:29:35PM +0100, darius wrote:
> > Hi,
> >
> > Apparently, I can't add log statement in nft firewall. It does not
> > matter if I do it in config file or in command line. In any case I get
> > error:
> >
> > nft add rule filter input log
> > Error: Could not process rule: No such file or directory
> > add rule filter input log
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> [...]
>
> Try inserting the family before the table name. nft always assumes "ip4" if you
> don't. You will then get the above error if table filter is ip6 (or inet).
>
> Cheers ... Duncan.
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
