bugzilla-daemon at netfilter.org
2014-May-13 12:27 UTC
[Bug 933] New: queue: Incorrect use of option with queue
https://bugzilla.netfilter.org/show_bug.cgi?id=933 Summary: queue: Incorrect use of option with queue Product: nftables Version: unspecified Platform: x86_64 OS/Version: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: nft AssignedTo: pablo at netfilter.org ReportedBy: anarey at gmail.com Estimated Hours: 0.0 The correct use of option in queue is "[..] queue [..] options fanout, bypass [...] But, you can add the following rule in a table without It shows some error messages: $ sudo nft add rule ip test input queue num 2 total 3 options fanout options bypass counter $ sudo nft list table test table ip test { chain input { queue num 2 total 3 options bypass counter packets 0 bytes 0 } } If you list the table, The rule shows one options "options bypass" but you miss the "options fanout". The last commit in Pablo git tree of kernel is "40e6442 netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf hooks" The last commit in libmnl repo is "090a842 examples: use mnl_socket_setsockopt" The last commit in libnftnl repo is "57107c2 common: fix unconditional output of event wrapping stuff" The last commit in nftables repo is "aefa9bf expression: Fix inconsistent output in set" -- Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
bugzilla-daemon at netfilter.org
2014-May-28 08:58 UTC
[Bug 933] queue: Incorrect use of option with queue
https://bugzilla.netfilter.org/show_bug.cgi?id=933 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> 2014-05-28 10:58:07 CEST --- The (current) correct syntax is: nft add rule ip filter input queue num 2 total 3 options fanout,bypass But we have to fix that syntax to make it more compact, eg. nft add rule ip filter input queue 2:3 fanout bypass Closing this. We'll file a different ticket to rework the syntax. -- Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
Possibly Parallel Threads
- [Bug 918] New: Ranges and comparat
- [Bug 938] New: TOS: Do not list hexadecimal values.
- [Bug 931] New: limit: -limit-burst is not supported in nft
- [Bug 935] New: Frag: problem with frag-off
- [Bug 936] New: frag: "more-fragments" and "reserved" are not identified by nftables