* [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
@ 2019-12-27 19:17 ѽ҉ᶬḳ℠
2019-12-27 20:12 ` kfm
0 siblings, 1 reply; 3+ messages in thread
From: ѽ҉ᶬḳ℠ @ 2019-12-27 19:17 UTC (permalink / raw)
To: netfilter
kernel 4.19.91 | nftables 0.9.2 | libnftnl 1.1.4 | libxtables-nft 1.8.3
_____
# nft flush ruleset
# nft add table filter
# nft add chain filter input { type filter hook input priority 0\; }
# nft add set filter myset { type ipv4_addr\; }
produces
> Error: Could not process rule: Not supported
Looked up
https://wiki.nftables.org/wiki-nftables/index.php/Troubleshooting but
that error is not documented. A web search did not produce any relevant
results either.
A bit at loss here - why would a rule processing be reported as not
supported whilst this being being set instead? How to get it work?
______
kernel NFT modules conf
CONFIG_NFT_NUMGEN=m
CONFIG_NFT_CT=m
CONFIG_NFT_FLOW_OFFLOAD=m
CONFIG_NFT_COUNTER=m
# CONFIG_NFT_CONNLIMIT is not set
CONFIG_NFT_LOG=m
CONFIG_NFT_LIMIT=m
CONFIG_NFT_MASQ=m
CONFIG_NFT_REDIR=m
CONFIG_NFT_NAT=m
# CONFIG_NFT_TUNNEL is not set
CONFIG_NFT_OBJREF=m
CONFIG_NFT_QUEUE=m
CONFIG_NFT_QUOTA=m
CONFIG_NFT_REJECT=m
CONFIG_NFT_REJECT_INET=m
CONFIG_NFT_COMPAT=m
CONFIG_NFT_HASH=m
CONFIG_NFT_FIB=m
CONFIG_NFT_FIB_INET=m
# CONFIG_NFT_SOCKET is not set
# CONFIG_NFT_OSF is not set
# CONFIG_NFT_TPROXY is not set
CONFIG_NFT_DUP_NETDEV=m
CONFIG_NFT_FWD_NETDEV=m
# CONFIG_NFT_FIB_NETDEV is not set
CONFIG_NFT_CHAIN_ROUTE_IPV4=m
CONFIG_NFT_REJECT_IPV4=m
CONFIG_NFT_DUP_IPV4=m
CONFIG_NFT_FIB_IPV4=m
CONFIG_NFT_CHAIN_NAT_IPV4=m
CONFIG_NFT_MASQ_IPV4=m
CONFIG_NFT_REDIR_IPV4=m
CONFIG_NFT_CHAIN_ROUTE_IPV6=m
CONFIG_NFT_CHAIN_NAT_IPV6=m
CONFIG_NFT_MASQ_IPV6=m
CONFIG_NFT_REDIR_IPV6=m
CONFIG_NFT_REJECT_IPV6=m
CONFIG_NFT_DUP_IPV6=m
CONFIG_NFT_FIB_IPV6=m
CONFIG_NFT_BRIDGE_REJECT=m
# CONFIG_NFTL is not set
# CONFIG_INFTL is not set
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
2019-12-27 19:17 [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported ѽ҉ᶬḳ℠
@ 2019-12-27 20:12 ` kfm
2019-12-27 20:30 ` ѽ҉ᶬḳ℠
0 siblings, 1 reply; 3+ messages in thread
From: kfm @ 2019-12-27 20:12 UTC (permalink / raw)
To: netfilter
On Fri, 27 Dec 2019 19:17:16 +0000
ѽ҉ᶬḳ℠ <vtol@gmx.net> wrote:
> kernel 4.19.91 | nftables 0.9.2 | libnftnl 1.1.4 | libxtables-nft 1.8.3
> _____
>
> # nft flush ruleset
> # nft add table filter
> # nft add chain filter input { type filter hook input priority 0\; }
> # nft add set filter myset { type ipv4_addr\; }
>
> produces
>
> > Error: Could not process rule: Not supported
>
> Looked up
> https://wiki.nftables.org/wiki-nftables/index.php/Troubleshooting but
> that error is not documented. A web search did not produce any relevant
> results either.
>
> A bit at loss here - why would a rule processing be reported as not
> supported whilst this being being set instead? How to get it work?
>
> ______
> kernel NFT modules conf
>
> CONFIG_NFT_NUMGEN=m
> CONFIG_NFT_CT=m
> CONFIG_NFT_FLOW_OFFLOAD=m
> CONFIG_NFT_COUNTER=m
> # CONFIG_NFT_CONNLIMIT is not set
> CONFIG_NFT_LOG=m
> CONFIG_NFT_LIMIT=m
> CONFIG_NFT_MASQ=m
> CONFIG_NFT_REDIR=m
> CONFIG_NFT_NAT=m
> # CONFIG_NFT_TUNNEL is not set
> CONFIG_NFT_OBJREF=m
> CONFIG_NFT_QUEUE=m
> CONFIG_NFT_QUOTA=m
> CONFIG_NFT_REJECT=m
> CONFIG_NFT_REJECT_INET=m
> CONFIG_NFT_COMPAT=m
> CONFIG_NFT_HASH=m
> CONFIG_NFT_FIB=m
> CONFIG_NFT_FIB_INET=m
> # CONFIG_NFT_SOCKET is not set
> # CONFIG_NFT_OSF is not set
> # CONFIG_NFT_TPROXY is not set
> CONFIG_NFT_DUP_NETDEV=m
> CONFIG_NFT_FWD_NETDEV=m
> # CONFIG_NFT_FIB_NETDEV is not set
> CONFIG_NFT_CHAIN_ROUTE_IPV4=m
> CONFIG_NFT_REJECT_IPV4=m
> CONFIG_NFT_DUP_IPV4=m
> CONFIG_NFT_FIB_IPV4=m
> CONFIG_NFT_CHAIN_NAT_IPV4=m
> CONFIG_NFT_MASQ_IPV4=m
> CONFIG_NFT_REDIR_IPV4=m
> CONFIG_NFT_CHAIN_ROUTE_IPV6=m
> CONFIG_NFT_CHAIN_NAT_IPV6=m
> CONFIG_NFT_MASQ_IPV6=m
> CONFIG_NFT_REDIR_IPV6=m
> CONFIG_NFT_REJECT_IPV6=m
> CONFIG_NFT_DUP_IPV6=m
> CONFIG_NFT_FIB_IPV6=m
> CONFIG_NFT_BRIDGE_REJECT=m
> # CONFIG_NFTL is not set
> # CONFIG_INFTL is not set
Check the status of CONFIG_NF_TABLES_SET.
--
Kerin Millar <kfm@plushkava.net>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
2019-12-27 20:12 ` kfm
@ 2019-12-27 20:30 ` ѽ҉ᶬḳ℠
0 siblings, 0 replies; 3+ messages in thread
From: ѽ҉ᶬḳ℠ @ 2019-12-27 20:30 UTC (permalink / raw)
To: netfilter
On 27/12/2019 20:12, kfm@plushkava.net wrote:
>
> Check the status of CONFIG_NF_TABLES_SET.
>
Ouhmpf, there we go... thanks for the pointer!
> CONFIG_NF_TABLES_SET is not set
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-27 20:30 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-27 19:17 [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported ѽ҉ᶬḳ℠
2019-12-27 20:12 ` kfm
2019-12-27 20:30 ` ѽ҉ᶬḳ℠
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.