Hi, After years of using ipchains and later iptables as firewall I am now trying to use nft. :-)
I thought I understood it all and as far as I know I have a working config. But just trying to get a listing of the running config shows NOTHING.

linbookwormtest:~# nft list ruleset
linbookwormtest:~#

There is nothing in the journal about nft:

linbookwormtest:~# journalctl -t nft
-- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 2023-04-24 12:18:07 CEST. --
-- No entries --

And on an older server where I still have rsyslog installed there is also nothing in syslog. But that is no surprise when the journal database has nothing. ;-)

So nothing, not even a warning or an error. So how do I know if nft is running at all? I am guessing it does NOT run because..... Even using just the default ruleset in /etc/nftables.conf shows nothing in the logs. It should at least show something, right?

But even more telling... in my modified ruleset I have:

-----<Quote>---------------------
...
table inet firewall {
    chain inbound_ipv4 {
        # accepting ping (icmp-echo-request) for diagnostic purposes, within a certain rate limit:
        icmp type echo-request limit rate 5/second accept
    }

    chain inbound_ipv6 {
        # accept neighbour discovery otherwise connectivity breaks
        # icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } accept

        # accepting ping (icmpv6-echo-request) for diagnostic purposes, within a certain rate limit:
        # icmpv6 type echo-request limit rate 5/second accept
    }

    chain inbound {
        # By default, drop all traffic unless it meets a filter criteria specified by the rules that follow below.
        type filter hook input priority 0; policy drop;

        # Allow traffic from established and related packets, drop invalid
        ct state vmap { established : accept, related : accept, invalid : drop }

        # Allow loopback traffic.
        iifname lo accept

        # Jump to chain according to layer 3 protocol using a verdict map
        meta protocol vmap { ip : jump inbound_ipv4, ip6 : jump inbound_ipv6 }

        # Allow SSH on port TCP/22 for IPv4 and IPv6.
        tcp dport { 22 } accept
...
-----<Quote>---------------------

Now whether I have those SSH lines enabled or disable them makes no difference, I can still log on using ssh. :-(

How, how do I continue? It isn't even working on a clean install of Debian bookworm with the default config file.

Bonno Bloksma
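An added example, not part of the post above: nftables writes nothing to the journal when a ruleset is loaded, so the only reliable check is the kernel's own view via `nft list ruleset`. The script below classifies that output (empty, loaded but open, loaded with an input chain that drops by default) on a constructed sample of what the poster's ruleset would print once loaded, and runs the same check live when the nft binary is present. It assumes the standard `nft list ruleset` layout; the function names are my own.

```shell
#!/bin/sh
# Added example: tell whether an nftables ruleset is really loaded and whether
# it carries an input base chain with "policy drop". The live check needs the
# nft binary and root; the text functions work on any saved ruleset listing.

# Constructed sample of "nft list ruleset" output once the poster's ruleset is
# loaded (nft prints priority 0 as "filter").
SAMPLE_RULESET='table inet firewall {
	chain inbound {
		type filter hook input priority filter; policy drop;
		ct state vmap { established : accept, related : accept, invalid : drop }
		iifname "lo" accept
		tcp dport { 22 } accept
	}
}'

# Count top-level tables in the ruleset text on stdin. "0" is the poster's
# situation: nothing loaded, so the kernel filters nothing at all.
count_tables() {
    grep -c '^table ' || true
}

# Return 0 if some base chain hooks "input" with "policy drop", else 1.
ruleset_has_input_drop() {
    grep -Eq 'hook[[:space:]]+input[[:space:]]+priority[[:space:]]+[^;]+;[[:space:]]*policy[[:space:]]+drop[[:space:]]*;'
}

# Summarise the ruleset text on stdin as: empty, loaded-open or loaded-drop.
classify_ruleset() {
    text=$(cat)
    n=$(printf '%s\n' "$text" | count_tables)
    if [ "$n" -eq 0 ]; then
        echo empty
    elif printf '%s\n' "$text" | ruleset_has_input_drop; then
        echo loaded-drop
    else
        echo loaded-open
    fi
}

# Live check against the running kernel. Prints "no-nft" without the binary and
# "nft-error" when nft cannot read the ruleset (e.g. not root), so an empty
# listing is never mistaken for a permission problem. If this prints "empty",
# check the file with "nft -c -f /etc/nftables.conf" and the service with
# "systemctl status nftables": the config is only applied when the service loads it.
check_live_ruleset() {
    command -v nft >/dev/null 2>&1 || { echo no-nft; return 0; }
    out=$(nft list ruleset 2>/dev/null) || { echo nft-error; return 0; }
    printf '%s\n' "$out" | classify_ruleset
}

printf '%s\n' "$SAMPLE_RULESET" | classify_ruleset   # prints loaded-drop
check_live_ruleset
```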