ѽ҉ᶬḳ℠ <vtol@xxxxxxx> wrote:
> On 06/02/2020 22:42, darius wrote:
> > Hello,
> > I was using meters by using 'meter' keyword, but apparently it is now
> > obsolete.
Not really, it will continue to work.
> If not mistaken the intention is to replace meter with native set / map
> syntax but meter not yet being depreciated/retired.
Yes.
> > root@HOMEROUTER:/etc/config# /etc/init.d/firewall reload
> > /etc/config/ruleset.nft:416:9-187: Error: Could not process rule: Not
> > supported
> > ct state new add @mymeter { ip saddr timeout 30s limit rate over
> > 50/second burst 50 packets } counter drop
> >
> > I'm running OpenWRT, kernel v4.14.167, nft v.0.9.2
> > Could anyone help to find out what I'm doing wrong? It seems that I did
> > it according to wiki.
Its a kernel bug. The kernel picks the wrong set backend on 4.14, so
when it sees the rule (which requires a set that supports updates) it
will fail.
Contine to use mter syntax if that works for you.
