Re: Unsuccessful adding policy to a regular chain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 8 Oct 2024 19:00:50 +0000
Robin Bussell <RobinB@xxxxxxxxxxxxxxx> wrote:

> 
> 
> 
> 
> On 8 Oct 2024, at 18:12, Kerin Millar <kfm@xxxxxxxxxxxxx> wrote:
> 
> [You don't often get email from kfm@xxxxxxxxxxxxx. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
> 
> [EXTERNAL EMAIL]
> 
> On Tue, 8 Oct 2024, at 5:59 PM, Robin Bussell wrote:
> Hi Folks,
>         I'm trying to create a regular chain with a default drop
> policy and not getting anywhere. The wiki implies this can be done, but
> when I try:
> 
> nft 'add chain ip myTable myChain { policy drop ;}'
> 
> I get back:
> 
> Error: Could not process rule: Operation not supported
> add chain ip O365 O365WhiteList { policy drop ;}
>                                  ^^^^^^^^^^^
> 
> ( those carets line up with the "policy drop" on my terminal. A table
> called myTable of the ip family exists already )
> 
> So are policies actually supported on regular chains? If so, can you
> tell me what might be wrong with my  nft invocation?
> 
> There can be no policy for a chain bearing no hook.
> 
> 
> <https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_regular_chains>
> Configuring chains<https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_regular_chains>
> wiki.nftables.org<https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_regular_chains>
> [X]<https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_regular_chains>
>  This wiki article states otherwise though.

The article has been corrected.

-- 
Kerin Millar




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux