On Fri, 27 Dec 2019 19:17:16 +0000
ѽ҉ᶬḳ℠ <vtol@xxxxxxx> wrote:
> kernel 4.19.91 | nftables 0.9.2 | libnftnl 1.1.4 | libxtables-nft 1.8.3
> _____
>
> # nft flush ruleset
> # nft add table filter
> # nft add chain filter input { type filter hook input priority 0\; }
> # nft add set filter myset { type ipv4_addr\; }
>
> produces
>
> > Error: Could not process rule: Not supported
>
> Looked up
> https://wiki.nftables.org/wiki-nftables/index.php/Troubleshooting but
> that error is not documented. A web search did not produce any relevant
> results either.
>
> A bit at loss here - why would a rule processing be reported as not
> supported whilst this being being set instead? How to get it work?
>
> ______
> kernel NFT modules conf
>
> CONFIG_NFT_NUMGEN=m
> CONFIG_NFT_CT=m
> CONFIG_NFT_FLOW_OFFLOAD=m
> CONFIG_NFT_COUNTER=m
> # CONFIG_NFT_CONNLIMIT is not set
> CONFIG_NFT_LOG=m
> CONFIG_NFT_LIMIT=m
> CONFIG_NFT_MASQ=m
> CONFIG_NFT_REDIR=m
> CONFIG_NFT_NAT=m
> # CONFIG_NFT_TUNNEL is not set
> CONFIG_NFT_OBJREF=m
> CONFIG_NFT_QUEUE=m
> CONFIG_NFT_QUOTA=m
> CONFIG_NFT_REJECT=m
> CONFIG_NFT_REJECT_INET=m
> CONFIG_NFT_COMPAT=m
> CONFIG_NFT_HASH=m
> CONFIG_NFT_FIB=m
> CONFIG_NFT_FIB_INET=m
> # CONFIG_NFT_SOCKET is not set
> # CONFIG_NFT_OSF is not set
> # CONFIG_NFT_TPROXY is not set
> CONFIG_NFT_DUP_NETDEV=m
> CONFIG_NFT_FWD_NETDEV=m
> # CONFIG_NFT_FIB_NETDEV is not set
> CONFIG_NFT_CHAIN_ROUTE_IPV4=m
> CONFIG_NFT_REJECT_IPV4=m
> CONFIG_NFT_DUP_IPV4=m
> CONFIG_NFT_FIB_IPV4=m
> CONFIG_NFT_CHAIN_NAT_IPV4=m
> CONFIG_NFT_MASQ_IPV4=m
> CONFIG_NFT_REDIR_IPV4=m
> CONFIG_NFT_CHAIN_ROUTE_IPV6=m
> CONFIG_NFT_CHAIN_NAT_IPV6=m
> CONFIG_NFT_MASQ_IPV6=m
> CONFIG_NFT_REDIR_IPV6=m
> CONFIG_NFT_REJECT_IPV6=m
> CONFIG_NFT_DUP_IPV6=m
> CONFIG_NFT_FIB_IPV6=m
> CONFIG_NFT_BRIDGE_REJECT=m
> # CONFIG_NFTL is not set
> # CONFIG_INFTL is not set
Check the status of CONFIG_NF_TABLES_SET.
--
Kerin Millar <kfm@xxxxxxxxxxxxx>
