netfilter buglog - Dec 2024 - [Bug 1782] New: Wrong error printed when trying to add base chain named same as existing regular chain

https://bugzilla.netfilter.org/show_bug.cgi?id=1782

            Bug ID: 1782
           Summary: Wrong error printed when trying to add base chain
                    named same as existing regular chain
           Product: nftables
           Version: 1.0.x
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: anton.khazan at gmail.com

When trying to add a base chain and a regular chain with matching name already
exists, wrong error is printed.

Steps to reproduce the issue:

nft add table test
nft add chain test t # add regular chain t
nft add chain test t { type filter hook postrouting priority 0\; policy
accept\; } # try to add base chain t

Output:
Error: Chain of type "filter" is not supported, perhaps kernel support
is
missing?

Expected output: something like
Error: Regular chain "t" already exists.

When the regular chain "t" is removed, the above command works, so I
believe
that the actual problem is not lack of support for chain of type
"filter" but
rather the fact that same-named regular chain already exists.

Same behavior with  nft versions v1.0.8, v1.0.9

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20241219/246eb319/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1782

Phil Sutter <phil at nwl.cc> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |phil at nwl.cc

--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
Should be fixed in v1.1.0 with commit 1f321f86c45fc ("cmd: provide better
hint
if chain is already declared with different type/hook/priority").

Could you please try a newer version of nftables?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20241220/3a256873/attachment.html>