On Sun, Nov 19, 2023 at 04:36:53PM -0500, Martin Gignac wrote:
> (resending because not sure the first time went through)
>
> Hi,
>
> I'm seeing a difference in behavior between nftables 1.0.7 and 1.0.9
> with regards to flowtables:
>
> # nft -v
> nftables v1.0.7 (Old Doc Yak)
> # ip link add dummy1 type dummy
> # ip link set dummy1 up
> # nft 'create flowtable inet filter f1 { hook ingress priority 0; counter }'
> # nft 'add flowtable inet filter f1 { devices = { dummy1 } ; }'
> (no output)
>
>
> # nft -v
> nftables v1.0.9 (Old Doc Yak #3)
> # ip link add dummy1 type dummy
> # ip link set dummy1 up
> # nft 'create flowtable inet filter f1 { hook ingress priority 0; counter }'
> # nft 'add flowtable inet filter f1 { devices = { dummy1 } ; }'
> Error: missing hook and priority in flowtable declaration
> add flowtable inet filter f1 { devices = { dummy1 } ; }
> ^^^^^^^^^^^^^^^^^^^^^^^^
>
> I don't understand the error: "Error: missing hook and priority in
> flowtable declaration" since I HAVE indicated a hook and priority with
> the command "nft 'create flowtable inet filter f1 { hook ingress
> priority 0; counter }'", which worked before, but now doesn't.
>
> What am I missing?
This is bug of mine, apologies.
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20231122085912.3098-1-pablo@xxxxxxxxxxxxx/
