On 27.05.24 at 20:17, William N. wrote:
> On Mon, 27 May 2024 13:17:50 +0300 Teodor Milkov wrote:
>> I just tried putting log before counter and still nothing showing in
>> logs. But does order really matter?
>
> Perhaps not. I just thought it might be worth trying.
> What happens if you remove the counter and use only log?
>
> I tried this:
>
> table netdev xxx {
>     chain ingress {
>         type filter hook ingress device "eth0" priority -600
>         counter
>         log prefix "TEST: "
>         drop
>     }
> }
>
> and I ran 'arp' on the other end of the eth0 link. I can see logging
> works, i.e. without specifying any particular protocol whatsoever.
> Counter works too.

Yes, as stated in my original message:
"From a brief review of the source code, it appears that nftables might
only log frames of certain known types like e.g. ipv4, ipv6 and arp."
So, if you have a way to test with some other type like STP, LLDP, CDP
or similar, maybe you'll be able to reproduce the issue.
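
A test ruleset for the reproduction suggested above, added here as an example and not posted by anyone in the thread. It gives each frame type its own counter and log prefix, so a counter that increases with no matching log line shows that the frame reached the chain and only the log statement stayed silent. The table name and prefixes are made up; "eth0" is the device from the thread.

```nft
table netdev logtest {
    chain ingress {
        type filter hook ingress device "eth0" priority -600; policy accept;

        # ARP: the type already seen to log in the test quoted above
        ether type arp counter log prefix "T-ARP: "

        # LLDP: EtherType 0x88cc
        ether type 0x88cc counter log prefix "T-LLDP: "

        # STP BPDUs: 802.3/LLC frames sent to the bridge group address
        ether daddr 01:80:c2:00:00:00 counter log prefix "T-STP: "

        # CDP: Cisco multicast address
        ether daddr 01:00:0c:cc:cc:cc counter log prefix "T-CDP: "
    }
}
```

Load it with `nft -f`, let the neighbouring device send its usual LLDP/STP/CDP frames, then compare the counters in `nft list table netdev logtest` with the kernel log.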