Hello all, I see on the wiki saddr/daddr supports using cidr notation. https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes - see saddr <ip source address>. When inserting a network/cidr as an element in a map the following error was displayed. Error: Set member cannot be prefix, missing interval flag on declaration [Version:] nftables v0.9.0 (Fearless Fosdick) [OS:] Ubuntu 18.04 [Rules:] chain forward { type filter hook forward priority 0; policy drop; iif "eth5" ip saddr vmap @forward_out oif "eth5" ip daddr vmap @forward_in } map forward_out { type ipv4_addr : verdict } map forward_in { type ipv4_addr : verdict } nft add element ip <table> forward_in { 192.168.0.0/24 : accept } Set member cannot be prefix, missing interval flag on declaration add element ip <table> forward_in { 192.168.0.0/24 : accept } ^^^^^^^^^^^^^^ I read something about setting flags interval but that does not make immediate sense to me as to why it's required when specifying a network in cidr notation. Please shine some light on this for me. Thank you, Stephen
