Displaying 2 results from an estimated 2 matches for "libmnl0".
Did you mean:
libmnl
2020 Nov 01
1
[Bug 1478] New: Concatenations with ct status do not match
...targetip
Note that the counters in the filter table for concatenations with "ct status"
do not increase, whereas the other counters increase.
Versions:
Debian 10, armhf (Raspberry Pi OS), with backports
Linux myhostname 5.4.72-v7l+ #1356 SMP Thu Oct 22 13:57:51 BST 2020 armv7l
GNU/Linux
libmnl0 1.0.4-2
libnetfilter-conntrack3 1.0.7-1
libnftnl11 1.1.7-1~bpo10+1
libnftables1 0.9.6-1~bpo10+1
nftables 0.9.6-1~bpo10+1
Ruleset:
$ nft list ruleset
table inet filter {
chain input {
type filter hook input priority filter; policy accept;
ct state established...
2016 Aug 17
6
[Bug 1082] New: Hard lockup when inserting nft rules (esp. ct rule)
...nter accept
ip saddr 10.xx.0.0/16 ip daddr 10.0.0.0/8 ip protocol tcp ct
state invalid,new counter reject
}
}
-----snip-----
The vpn server (debian jessie with bpo) uses these:
linux-image 4.6.4-1~bpo8+1 (also 4.5.5-1)
nftables 0.6-1~bpo8+1
libnftnl4 1.0.6-1~bpo8+1
libmnl0 1.0.3-5
The ruleset is loaded without problem before we begin to transit vpn links.
After we transit all links, we want to update the ruleset to add a new open IP.
But loading the modified ruleset causes this machine hard lockup immediately.
Then we had to revert the high load vpn link to...