On 01/10/2019 02:03 PM, Pablo Neira Ayuso wrote:
Did you compile your kernel with NF_TABLES_INET=y ?
I would have a look at your .config to review your nf_tables
configuration, make sure nothing was left behind unset.
Thanks! this is illuminating. Since I am using the Armbian stock kernel
I have no idea what it has, or what is needed. /proc/config.gz says:
CONFIG_NF_TABLES=m
CONFIG_NF_TABLES_SET=m
# CONFIG_NF_TABLES_INET is not set
# CONFIG_NF_TABLES_NETDEV is not set
# CONFIG_NFT_NUMGEN is not set
CONFIG_NFT_CT=m
CONFIG_NFT_FLOW_OFFLOAD=m
CONFIG_NFT_COUNTER=m
CONFIG_NFT_CONNLIMIT=m
CONFIG_NFT_LOG=m
CONFIG_NFT_LIMIT=m
CONFIG_NFT_MASQ=m
CONFIG_NFT_REDIR=m
CONFIG_NFT_NAT=m
CONFIG_NFT_TUNNEL=m
# CONFIG_NFT_OBJREF is not set
CONFIG_NFT_QUEUE=m
# CONFIG_NFT_QUOTA is not set
CONFIG_NFT_REJECT=m
CONFIG_NFT_COMPAT=m
CONFIG_NFT_HASH=m
CONFIG_NFT_SOCKET=m
CONFIG_NFT_OSF=m
CONFIG_NFT_TPROXY=m
So _INET and _NETDEV are not set, and neither OBJREF or QUOTA... is
_INET just for "inet" type tables (ie. combined ipv4 ipv6) or have they
left out all the functionality here ? ;-)
(turns out yes, they left out ipv4, ipv6, arp... pretty much everything
). Also even though I tell Thunderbird to send plain text, it seems not
to do it... sorry if this is hitting the list multiple times.
