Citát Florian Westphal <fw@xxxxxxxxx>:
azurit@xxxxxxxx <azurit@xxxxxxxx> wrote:
Hi,
i'm migrating from iptables to nftables and i'm having problem with
accounting using cgroups. Everything was working on iptables but is printing
weird errors with nftables (chain 'accounting' exists):
# mkdir /sys/fs/cgroup/net_cls,net_prio/12345
# echo 0x000112345 > /sys/fs/cgroup/net_cls,net_prio/12345/net_cls.classid
# nfacct add 12345
# iptables -I accounting -m cgroup --cgroup 0x000112345 -m nfacct
--nfacct-name 12345
iptables: No space left on device.
# uname -a
Linux server 4.9.236 #2 SMP Thu Sep 17 16:32:19 CEST 2020 x86_64 GNU/Linux
# iptables --version
iptables v1.8.2 (nf_tables)
Use legacy version. 4.9 lacks several fixes that might account for
this. Also, there is no advantage of iptables-over-nft vs.
iptables-legacy except it avoids race conditions with parallel rule
updates (plus a few advantages of the greater flexibility of the
nf_tables framework, but that has almost no bearing a this time).
Thank you for info.
