bugzilla-daemon at netfilter.org
2020-May-25 22:25 UTC
[Bug 1428] New: Unable to dnat to port without defining destination address in inet table
https://bugzilla.netfilter.org/show_bug.cgi?id=1428

            Bug ID: 1428
           Summary: Unable to dnat to port without defining destination address in inet table
           Product: nftables
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: kfm at plushkava.net

Consider the following ruleset:

    table inet t {
        chain c {
            meta nfproto ipv6 tcp dport 80 dnat to :9030
        }
    }

Here, this produces "Error: Could not process rule: Address family not supported by protocol". The manual states the following:

> When used in the inet family (available with kernel 5.2), the dnat and snat statements require the use of the ip and ip6 keyword in case an address is provided.

While "in case" is a little ambiguous, this sentence does not strictly imply that an address is mandatory. Therefore, I had expected that the dnat to :port form be usable. It occurred to me that the parser might be thrown by the presence of the colon but, in the event that this may be true, I can discern no way to help disambiguate a standalone :port from the IPv6 address that is intentionally not being declared here.

On the other hand, the following rule is at least accepted by the parser if declared within an ip or ip6 table:

    tcp dport 80 dnat to :9030

Is there a way that it could be made to work when declared within an inet table?

-- 
You are receiving this mail because:
You are watching all bug changes.
bugzilla-daemon at netfilter.org
2020-May-25 22:28 UTC
[Bug 1428] Unable to dnat to port without defining destination address in inet table
https://bugzilla.netfilter.org/show_bug.cgi?id=1428

George Shammas <netfilter at shamm.as> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |netfilter at shamm.as