> I don't manage to reproduce such duplication with 1.1.1. > > Would you make a simpler reproducer? Yes, surely. I've tested the following in a priviledged debian unstable container and i have the same behavior. mkdir -p /tmp/test/include echo > /tmp/test/main <<-EOF table inet test { chain test { include "include/*"; } } EOF echo "tcp dport 22 accept;" > /tmp/test/include/one echo "tcp dport 25 accept;" > /tmp/test/include/two nft -e -I /tmp/test/ -f /tmp/test/main Executing this on 1.1.1 results in the following being executed/outputted: root@nnd-navi:/tmp/test# nft -e -I /tmp/test/ -f /tmp/test/main add table inet test add chain inet test test add rule inet test test tcp dport 22 accept add rule inet test test handle 2 tcp dport 25 accept add rule inet test test handle 3 tcp dport 22 accept add rule inet test test tcp dport 25 accept I've replicated it also on debian nftables with the following invokation: # podman run --rm -it --privileged --network=host -w /tmp "debian:unstable" # apt update # apt install nftables # ... (steps from reproducer go here) > What default directory you have for nftables? You can guess via: > > # nft -h | grep "\-I" While i highly suspect the include dir path is unrelated, here they are: Alpine v3.21: /usr/share Debian trixie/sid: /etc > Thanks. -- Alex D. RedXen System & Infrastructure Administration https://redxen.eu/
Attachment:
signature.asc
Description: PGP signature