Ok, my bad. I was running nft as non-root user, therefore I got this fault. No problems running as 'root'. /Darius On 24-06-2018 14:51, darius wrote: > Hi. I have just installed nftables 0.9.0 on my router and when I tried > to add ruleset script to it with command 'nft -f ruleset.nft' then I got > 'segmentation fault'. Same ruleset was working without any problems with > nft 0.8.5. So the first idea that came to my mind is that I run > incompatible kernel. I use 4.14.50 on OpenWRT/LEDE. > If it is a case, then I need to raise a ticket in OpenWRT. > > Last information in '--debug all' was this: > > ./ruleset.nft:290:18-31: Evaluate symbol > ip saddr @port_scanners log group 1 log prefix "Drop port > scanners" group 2 counter drop > ^^^^^^^^^^^^^^ > $port_scanners > > ---------------- ------------------ > | 0000000020 | | message length | > | 02576 | R--- | | type | flags | > | 0000000001 | | sequence number| > | 0000000000 | | port ID | > ---------------- ------------------ > | 00 00 00 00 | | extra header | > ---------------- ------------------ > ---------------- ------------------ > | 0000000020 | | message length | > | 02561 | R--- | | type | flags | > | 0000000001 | | sequence number| > | 0000000000 | | port ID | > ---------------- ------------------ > | 00 00 00 00 | | extra header | > ---------------- ------------------ > ---------------- ------------------ > | 0000000036 | | message length | > | 02570 | R-A- | | type | flags | > | 0000000001 | | sequence number| > | 0000000000 | | port ID | > ---------------- ------------------ > | 02 00 00 00 | | extra header | > |00013|--|00001| |len |flags| type| > | 69 70 76 34 | | data | i p v 4 > | 5f 6e 61 74 | | data | _ n a t > | 00 00 00 00 | | data | > ---------------- ------------------ > Segmentation fault >
Attachment:
signature.asc
Description: OpenPGP digital signature
