> The bug that I believe is responsible is in this if-block: > > https://git.netfilter.org/nftables/tree/src/rule.c#n372 > >When listing a set, nft will set the `stateless` flag in order to >suppress the state of any counters it defines. However, it doesn't keep >track of whether the flag was already set and clears it unconditionally >afterwards. It has not yet been fixed upstream. > >The buggy commit was released in 0.9.4, which is why you saw it after >upgrading from buster (0.9.0-2) to bullseye (0.9.8-3.1).
Excellent work, J. >Here's the fix I've sent upstream: > > > https://lore.kernel.org/netfilter-devel/20211007201222.2613750-3-jer...@azazel.net/T/#u > >I'm not that familiar with Arch or Gentoo, but from what I can see >looking through their package repo's and bug-trackers, they don't seem >to be carrying patches for this. Looking forward to seeing this in a bullseye update...
