thr3ads.net - netfilter buglog - [Bug 1372] New: Example for simple blacklist from nftables man page [Oct 2019]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at netfilter.org

2019-Oct-11 17:54 UTC

[Bug 1372] New: Example for simple blacklist from nftables man page

https://bugzilla.netfilter.org/show_bug.cgi?id=1372

            Bug ID: 1372
           Summary: Example for simple blacklist from nftables man page
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: other
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: tad1073 at gmail.com

[~/.nftables>]$ nftar inet filter input tcp flags syn tcp dport ssh meter
flood
{ ip saddr timeout 10s limit rate over 10/second } add @blackhole { ip saddr
timeout 1m } drop

nftar is an alias in my .bashrc for sudo nft add rule

[~/.nftables>]$ nft list meter inet filter flood
Error: No such file or directory
list meter inet filter flood

https://www.netfilter.org/projects/nftables/manpage.html#lbDB

By the way, I'm using Manjaro Linux

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20191011/9b219efd/attachment.html>

bugzilla-daemon at netfilter.org

2020-Dec-03 03:00 UTC

head link

[Bug 1372] Example for simple blacklist from nftables man page

https://bugzilla.netfilter.org/show_bug.cgi?id=1372

kfm at plushkava.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kfm at plushkava.net

--- Comment #1 from kfm at plushkava.net ---
(In reply to Thomas from comment #0)> [~/.nftables>]$ nft list meter inet filter flood
> Error: No such file or directory
> list meter inet filter flood
This happened because you didn't run the command as root. The root user has
the
benefit of the CAP_NET_ADMIN capability. The error message could stand to be
improved.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201203/2ee75033/attachment.html>

bugzilla-daemon at netfilter.org

2020-Dec-03 03:03 UTC

head link

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

https://bugzilla.netfilter.org/show_bug.cgi?id=1372

kfm at plushkava.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Example for simple          |Errors are potentially
                   |blacklist from nftables man |confusing if accidentally
                   |page                        |running without
                   |                            |CAP_NET_ADMIN

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201203/a1244def/attachment.html>

bugzilla-daemon at netfilter.org

2020-Dec-03 12:47 UTC

head link

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

https://bugzilla.netfilter.org/show_bug.cgi?id=1372

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> ---
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20201203124423.14137-1-pablo
at netfilter.org/

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201203/142b19b6/attachment.html>

bugzilla-daemon at netfilter.org

2020-Dec-08 16:58 UTC

head link

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

https://bugzilla.netfilter.org/show_bug.cgi?id=1372

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|ASSIGNED                    |RESOLVED

--- Comment #3 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Upstream fix available:

3cfb9e4b3e40 src: report EPERM for non-root users

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201208/cfa8b9f4/attachment.html>

Possibly Parallel Threads

Search for more possibly parallel threads

netfilter buglog - Oct 2019 - [Bug 1372] New: Example for simple blacklist from nftables man page

[Bug 1372] New: Example for simple blacklist from nftables man page

[Bug 1372] Example for simple blacklist from nftables man page

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

[Bug 1372] Errors are potentially confusing if accidentally running without CAP_NET_ADMIN

Possibly Parallel Threads