Re: [arch-general] nftables partially broken after kernel update to 4.16.9
On Tue, May 22, 2018 at 10:43:36AM +0100, Ralph Corderoy wrote: > https://www.archlinux.org/packages/extra/x86_64/nftables/ says > Flagged out-of-date on 2018-05-11 > Version 1:0.8.5-1 in testing > so perhaps that new version would help? I'm happy to report that after updating to the latest version of linux kernel and nftables, the problem is resolved. Regards.
Re: [arch-general] nftables partially broken after kernel update to 4.16.9
On Tue, May 22, 2018 at 08:58:47AM +0200, David Runge wrote: > Does only the nft command fail, or does it work, when it's in a > configuration file? Only the nft command fails, it seems. I guess I'll wait for the latest in the test repo and see what happens. Regards.
Re: [arch-general] nftables partially broken after kernel update to 4.16.9
Hi Bill, > I just updated one of my computer to 4.16.9. After update, the following > nft commands will not work: https://www.archlinux.org/packages/extra/x86_64/nftables/ says Flagged out-of-date on 2018-05-11 Version 1:0.8.5-1 in testing so perhaps that new version would help? -- Cheers, Ralph. https://plus.google.com/+RalphCorderoy
Re: [arch-general] nftables partially broken after kernel update to 4.16.9
On 2018-05-21 23:31:57 (-0400), Bill Sun via arch-general wrote: > I just updated one of my computer to 4.16.9. After update, the following > nft commands will not work: > nft add table ip nat <--- this one works without error > nft add chain ip nat prerouting { type nat hook prerouting priority 0 > \; } > ^ > This will give me the following error message: > Could not process rule: Device or resource busy. > > However, the default simple firewall still works. I have another > computer that is still on 4.16.8, and the example above works; further, > switching back to a lts kernel (4.14.41) also works. Hmm, that's odd. I'm on linux-hardened 4.16.9 atm and my nftables configuration has a `policy accept;` for said chain, which is working. Does only the nft command fail, or does it work, when it's in a configuration file? Best, David -- https://sleepmap.de signature.asc Description: PGP signature
[arch-general] nftables partially broken after kernel update to 4.16.9
Hi all, I just updated one of my computer to 4.16.9. After update, the following nft commands will not work: nft add table ip nat <--- this one works without error nft add chain ip nat prerouting { type nat hook prerouting priority 0 \; } ^ This will give me the following error message: Could not process rule: Device or resource busy. However, the default simple firewall still works. I have another computer that is still on 4.16.8, and the example above works; further, switching back to a lts kernel (4.14.41) also works. Any help is appreciated. Thanks.