Control: tag -1 moreinfo Hi Christoph,
Is this ruleset a real one obtained from ufw? I ask because the next one doesn't result in segfault: *nat -F PREROUTING -F POSTROUTING -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194 COMMIT I don't understand the rule "-F PREROUTING" after a "-A ..." one. It seems that the segfault happens in this specific case (it's a bug of course, but not a bug with grave severity). After some tests I found this ruleset segfaults with iptables-nft-restore in several iptables releases (1.8.2-4, 1.8.3-2~bpo10+1 and 1.8.4-2) while iptables-legacy-restore executes as expected. Please, provide more info or a general ruleset to inform upstream and/or lower the severity. Thanks for reporting! Alberto