Hey,
So I've just started trying out nftables, but I've hit a snag:
~# nft add chain inet filter input { type filter hook input priority 0 \; }
Error: Could not process rule: No such file or directory
add chain inet filter input { type filter hook input priority 0 ; }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The most promising description I could find about this, suggested that
it was missing Linux modules that I needed to load, but I'm not sure
which I'm missing. I've tried loading some randomly, but it hasn't
helped [1]. The list tables command shows "table inet filter", so I
think I have the prerequsites to create a chain.
Any suggestions?
Thanks,
Chris
1: ~# lsmod | grep nf
nf_socket_ipv4 16384 0
nf_reject_ipv4 16384 0
nft_reject 16384 0
nft_limit 16384 0
nft_log 16384 0
nft_counter 16384 0
nft_compat 20480 0
nft_nat 16384 0
nf_conntrack_ipv4 16384 1
nf_defrag_ipv4 16384 1 nf_conntrack_ipv4
nf_nat_ipv4 16384 0
nf_nat 32768 2 nft_nat,nf_nat_ipv4
nf_conntrack 126976 4 nf_conntrack_ipv4,nf_nat,nft_nat,nf_nat_ipv4
libcrc32c 16384 2 nf_conntrack,nf_nat
nft_set_bitmap 16384 0
nft_set_hash 24576 0
nft_set_rbtree 16384 0
nf_tables 98304 9 nft_compat,nft_set_rbtree,nft_log,nft_nat,nft_set_bitmap,nft_counter,nft_limit,nft_set_hash,nft_reject
x_tables 40960 3 iptable_filter,nft_compat,ip_tables
nfnetlink 16384 2 nft_compat,nf_tables
Attachment:
signature.asc
Description: PGP signature
