similar to: [Bug 1176] New: Invalid identifiers produce unhelpful error messages

https://bugzilla.netfilter.org/show_bug.cgi?id=1188 Bug ID: 1188 Summary: nft fails to parse own output; unable to save-restore active state Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: critical Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1175 Bug ID: 1175 Summary: Document limitations on identifier names Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1178 Bug ID: 1178 Summary: Provide better error messaging when a rule can't be executed in its context Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1216 Bug ID: 1216 Summary: Error messaging for "interval overlaps with previous one" misidentifies location Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1184 Bug ID: 1184 Summary: disable implicit concatenating of elements of sets with flag interval Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component:

https://bugzilla.netfilter.org/show_bug.cgi?id=1671 Bug ID: 1671 Summary: Implicit chains and nesting result in parser_bison.y aborting Product: nftables Version: 0.9.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1179 Bug ID: 1179 Summary: vmap and sets cause "BUG: invalid range expression type set" Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1173 Bug ID: 1173 Summary: Documentation/error messages around NAT statements in "inet" tables incorrect Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: critical Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1174 Bug ID: 1174 Summary: 'define' functionality not sufficient for maintaining sets and the like Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1093 Bug ID: 1093 Summary: 'Flush ruleset' is undocumented Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at

Hi list, I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled firewalld. I noticed that a default policy is created with tables and chains probably for firewalld. So I created a .nft script where I stored my rules with a flush for previous ruleset, then saved on /etc/sysconfig/nftables.conf and the enabled nftables service. Running the script with nft -f script.nft all

https://bugzilla.netfilter.org/show_bug.cgi?id=1365 Bug ID: 1365 Summary: nft crashes in chain_print_declaration() Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1140 Bug ID: 1140 Summary: nft dump invalid (flow table) Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1349 Bug ID: 1349 Summary: "nft list ruleset" shows rules twice Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: minor Priority: P5 Component: nft Assignee: pablo at

I had the same problem. If you are not using virtual machines then # systemctl disable libvirtd works and is easily reversible. Alan On 18/04/2020 23:03, Alessandro Baggi wrote: > Il 17/04/20 11:01, Alessandro Baggi ha scritto: >> Hi list, >> >> I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled >> firewalld. I noticed that a default

Despite that the migration of our applications comes with a significant workload. It seems that also every aspect of common services had changed with EL8. In EL8 firewalld uses nftables as backend. I wonder why iptables does not list any rules while also configured to use nftables as backend. # iptables -V iptables v1.8.2 (nf_tables) # firewall-cmd --list-all |egrep -o '22|ssh' ssh

https://bugzilla.netfilter.org/show_bug.cgi?id=1382 Bug ID: 1382 Summary: nftables.py cmd leaking memory when ruleset contain mapping ip length to range with high limit 65535 Product: nftables Version: unspecified Hardware: x86_64 OS: Gentoo Status: NEW Severity: major

https://bugzilla.netfilter.org/show_bug.cgi?id=1135 Bug ID: 1135 Summary: When used as a script interpreter, nft fails if extra arguments are passed Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1434 Bug ID: 1434 Summary: Usability improvements, enabling creation of complex firewalls Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1082 Bug ID: 1082 Summary: Hard lockup when inserting nft rules (esp. ct rule) Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: blocker Priority: P5 Component: kernel Assignee: