Hi, Thanks for reporting. On Tue, Jul 18, 2023 at 11:31:38AM -0400, Brian Davidson wrote: > The following ruleset setting ct mark from ip dscp does not display > the right-hand expression 'ip dscp' correctly when listing the > ruleset. This patch fixes this issue: https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719001444.154070-1-pablo@xxxxxxxxxxxxx/ > It instead displays '@nh,8,8 & 0xfc [invalid type]'. 'ip6 dscp' looks normal. > > table inet x { > chain y { > type filter hook postrouting priority mangle + 1; policy accept; > ct mark set ip dscp | 0x40 counter > ct mark set ip6 dscp | 0x40 counter > } > } > > # nft list table inet x > table inet x { > chain y { > type filter hook postrouting priority mangle + 1; policy accept; > meta nfproto ipv4 ct mark set @nh,8,8 & 0xfc [invalid > type] | 0x40 counter packets 3584 bytes 575402 > ct mark set ip6 dscp | 0x40 counter packets 755 bytes 255731 > } > }
