Displaying 20 results from an estimated 3000 matches similar to: "[Bug 1063] New: sizes for ipv6 priority and flow label are incorrect."
2017 Aug 21
4
[Bug 1172] New: chain priority cannot be set by a defined variable
https://bugzilla.netfilter.org/show_bug.cgi?id=1172
Bug ID: 1172
Summary: chain priority cannot be set by a defined variable
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2017 Apr 01
6
[Bug 1140] New: nft dump invalid (flow table)
https://bugzilla.netfilter.org/show_bug.cgi?id=1140
Bug ID: 1140
Summary: nft dump invalid (flow table)
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2018 Oct 04
1
[Bug 1281] New: Using kernel 4.18.10, nft commandline tool or nft -f can't parse negative priority values over -200.
https://bugzilla.netfilter.org/show_bug.cgi?id=1281
Bug ID: 1281
Summary: Using kernel 4.18.10, nft commandline tool or nft -f
can't parse negative priority values over -200.
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: critical
2018 Nov 14
3
[Bug 1295] New: Access decision from previous priority
https://bugzilla.netfilter.org/show_bug.cgi?id=1295
Bug ID: 1295
Summary: Access decision from previous priority
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at
2018 May 03
3
[Bug 1254] New: nft commandline tool can't parse negative priority values.
https://bugzilla.netfilter.org/show_bug.cgi?id=1254
Bug ID: 1254
Summary: nft commandline tool can't parse negative priority
values.
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
2020 Jun 09
3
firewalld / iptables / nftables
Despite that the migration of our applications comes with a significant
workload. It seems that also every aspect of common services had changed
with EL8.
In EL8 firewalld uses nftables as backend. I wonder why iptables does
not list any rules while also configured to use nftables as backend.
# iptables -V
iptables v1.8.2 (nf_tables)
# firewall-cmd --list-all |egrep -o '22|ssh'
ssh
2018 Oct 17
2
KVM + libvirt + nftables without iptables?
Hi everyone,
I use Debian 9.5 Stretch and NFTABLES as a firewall.
Using NFTABLES together with IPTABLES is not recommended,
but libvirt depends on IPTABLES.
Is it safe to run libvirt + kvm + virsh without IPTABLES?
By the doc https://libvirt.org/firewall.html,
IPTABLES are used for settingup filtering which I do not need.
Thanks,
Roman
2020 Jun 09
1
firewalld / iptables / nftables
Once upon a time, Jonathan Billings <billings at negate.org> said:
> 'iptables' and 'nftables' are competing technologies. In CentOS 8,
> firewalld's backend was switched from iptables to nftables. So it
> would be expected that the iptables command wouldn't have any rules
> defined, it isn't being used by firewalld.
That is partially incorrect.
2018 Oct 18
2
Re: KVM + libvirt + nftables without iptables?
On 10/18/2018 10:14 AM, Daniel P. Berrangé wrote:
> On Wed, Oct 17, 2018 at 05:57:11PM +0200, Roman Vesely wrote:
>> Hi everyone,
>>
>> I use Debian 9.5 Stretch and NFTABLES as a firewall.
>> Using NFTABLES together with IPTABLES is not recommended,
>> but libvirt depends on IPTABLES.
>>
>> Is it safe to run libvirt + kvm + virsh without IPTABLES?
2019 Jan 31
4
C7, firewalld and rich rules
On 1/30/19 10:05 PM, Simon Matter via CentOS wrote:
> Did you look at Shorewall? IMHO that's what is best used in such
> situations and it works since many years now.
shorewall doesn't support nftables, which is largely the point of
firewalld:? The Linux firewall system is currently undergoing yet
another deprecation and migration from iptables to nftables. firewalld
should
2018 Jan 20
10
[Bug 1216] New: Error messaging for "interval overlaps with previous one" misidentifies location
https://bugzilla.netfilter.org/show_bug.cgi?id=1216
Bug ID: 1216
Summary: Error messaging for "interval overlaps with previous
one" misidentifies location
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
2017 Mar 22
5
[Bug 1135] New: When used as a script interpreter, nft fails if extra arguments are passed
https://bugzilla.netfilter.org/show_bug.cgi?id=1135
Bug ID: 1135
Summary: When used as a script interpreter, nft fails if extra
arguments are passed
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
2020 Apr 17
2
CentO 8 and nftables default policy
Hi list,
I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
firewalld. I noticed that a default policy is created with tables and
chains probably for firewalld.
So I created a .nft script where I stored my rules with a flush for
previous ruleset, then saved on /etc/sysconfig/nftables.conf and the
enabled nftables service.
Running the script with nft -f script.nft all
2017 Apr 15
9
[Bug 1145] New: nft 0.7: expression.c:966: range_expr_value_low: Assertion '0' failed.
https://bugzilla.netfilter.org/show_bug.cgi?id=1145
Bug ID: 1145
Summary: nft 0.7: expression.c:966: range_expr_value_low:
Assertion '0' failed.
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: normal
Priority: P5
2019 Sep 15
3
[Bug 1365] New: nft crashes in chain_print_declaration()
https://bugzilla.netfilter.org/show_bug.cgi?id=1365
Bug ID: 1365
Summary: nft crashes in chain_print_declaration()
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2019 Aug 04
2
[Bug 1359] New: nft 0.9.1 - table family inet, chain type nat, fails to auto-load modules
https://bugzilla.netfilter.org/show_bug.cgi?id=1359
Bug ID: 1359
Summary: nft 0.9.1 - table family inet, chain type nat, fails
to auto-load modules
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: normal
Priority: P5
Component:
2017 Aug 23
7
[Bug 1176] New: Invalid identifiers produce unhelpful error messages
https://bugzilla.netfilter.org/show_bug.cgi?id=1176
Bug ID: 1176
Summary: Invalid identifiers produce unhelpful error messages
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
Assignee: pablo at
2018 Jun 21
6
[Bug 1263] New: Device or resource busy on nat loading.
https://bugzilla.netfilter.org/show_bug.cgi?id=1263
Bug ID: 1263
Summary: Device or resource busy on nat loading.
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: normal
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
2018 Jan 04
9
[Bug 1210] New: nftables gets confused by user namespaces when meta skuid is used
https://bugzilla.netfilter.org/show_bug.cgi?id=1210
Bug ID: 1210
Summary: nftables gets confused by user namespaces when meta
skuid is used
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
2018 May 06
3
[Bug 1256] New: Default ruleset files with tables are no longer installed after 0.8.3 version
https://bugzilla.netfilter.org/show_bug.cgi?id=1256
Bug ID: 1256
Summary: Default ruleset files with tables are no longer
installed after 0.8.3 version
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: major
Priority: P5