Chris Hall <nftables@xxxxxxx> wrote:
> On 02/09/2020 18:51, Pablo Neira Ayuso wrote:
> > On Wed, Sep 02, 2020 at 05:44:11PM +0100, Chris Hall wrote:
> >> .... issue with 'add set ip MAIN tcp_good_flags...'
> > > Indeed, nothing seems to work until I 'flush ruleset' again !
> > >
> > > Am I asking for the impossible here ?
> >
> > It's a bug, I'll apply this patch to git.
>
> Ah. I'm impressed that it's quickly fixable...
>
> ...but my Fedora appears to be 9 months behind on nftables v0.9.3, so I
> guess I have a bit of a wait :-(
>
> I tried building nftables, but ./configure says:
>
>   Package 'libnftnl' has version '1.1.3', required version is '>= 1.1.7'
>
> I tried building and installing libnftnl, which created
> '/usr/local/lib/libnftnl.so.11.3.0'. But that does not seem to satisfy the
> ./configure for nftables ?

It does, but it's finding the wrong/old installation, or not searching
in /usr/local.

Try

  ./configure PKG_CONFIG_PATH=/path/to/where/the/1.1.7.pc-file-is

when building nftables.

  find /usr/local -name '*.pc'

might tell you the right directory.