Hi
I am trying to set up a basic connection tracking rule:
#nft list ruleset
table ip filter {
chain input {
type filter hook input priority 0; policy accept;
}
}
# nft add rule filter input ct state established accept
Error: Could not process rule: No such file or directory
add rule filter input ct state established accept
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
cat /proc/config.gz | gunzip | grep NFT
# CONFIG_NFT_NUMGEN is not set
CONFIG_NFT_CT=m
# CONFIG_NFT_FLOW_OFFLOAD is not set
CONFIG_NFT_COUNTER=y
# CONFIG_NFT_CONNLIMIT is not set
CONFIG_NFT_LOG=y
CONFIG_NFT_LIMIT=y
# CONFIG_NFT_MASQ is not set
# CONFIG_NFT_REDIR is not set
CONFIG_NFT_NAT=m
# CONFIG_NFT_TUNNEL is not set
# CONFIG_NFT_OBJREF is not set
# CONFIG_NFT_QUOTA is not set
# CONFIG_NFT_REJECT is not set
# CONFIG_NFT_COMPAT is not set
CONFIG_NFT_HASH=y
# CONFIG_NFT_SOCKET is not set
# CONFIG_NFT_OSF is not set
# CONFIG_NFT_TPROXY is not set
# CONFIG_NFT_DUP_NETDEV is not set
# CONFIG_NFT_FWD_NETDEV is not set
CONFIG_NFT_CHAIN_ROUTE_IPV4=y
# CONFIG_NFT_DUP_IPV4 is not set
# CONFIG_NFT_FIB_IPV4 is not set
CONFIG_NFT_CHAIN_NAT_IPV4=m
# CONFIG_NFT_CHAIN_ROUTE_IPV6 is not set
# CONFIG_NFT_DUP_IPV6 is not set
# CONFIG_NFT_FIB_IPV6 is not set
# CONFIG_NFTL is not set
# CONFIG_INFTL is not set
What am I missing here?
Thx
Andy
