Public bug reported: After upgrading from 20.04.2 LTS (Focal Fossa) to 20.10 (Groovy Gorilla) today - now using nftables as fw backend - sshuttle stopped working:
sudo sshuttle --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING fatal: ['iptables', '-t', 'nat', '-nL'] returned 4 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'auto', '--firewall'] returned 99 sudo sshuttle --method=nft --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. Error: Could not process rule: No such file or directory add chain inet sshuttle-12300 prerouting { type nat hook prerouting priority -100; policy accept; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ fatal: ['nft', 'add chain', 'inet', 'sshuttle-12300', 'prerouting', '{ type nat hook prerouting priority -100; policy accept; }'] returned 1 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'nft', '--firewall'] returned 99 Note, that on WSL2 the kernel was NOT changed with do-release-upgrade. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: sshuttle 1.0.4-1ubuntu4 Uname: Linux 5.10.16.3-microsoft-standard-WSL2 x86_64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: amd64 CasperMD5CheckResult: skip Date: Wed Jun 16 19:19:10 2021 PackageArchitecture: all ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: sshuttle UpgradeStatus: Upgraded to groovy on 2021-06-16 (0 days ago) ** Affects: sshuttle (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug groovy uec-images ** Description changed: - After upgrading to 20.10 (Groovy Gorilla) today - which is now using - nftables as fw backend - sshuttle stopped working: + After upgrading to from 20.04.2 LTS (Focal Fossa) to 20.10 (Groovy + Gorilla) today - now using nftables as fw backend - sshuttle stopped + working: sudo sshuttle --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING fatal: ['iptables', '-t', 'nat', '-nL'] returned 4 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'auto', '--firewall'] returned 99 sudo sshuttle --method=nft --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. Error: Could not process rule: No such file or directory add chain inet sshuttle-12300 prerouting { type nat hook prerouting priority -100; policy accept; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ fatal: ['nft', 'add chain', 'inet', 'sshuttle-12300', 'prerouting', '{ type nat hook prerouting priority -100; policy accept; }'] returned 1 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'nft', '--firewall'] returned 99 + Note, that on WSL2 the kernel was NOT changed with do-release-upgrade. + ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: sshuttle 1.0.4-1ubuntu4 Uname: Linux 5.10.16.3-microsoft-standard-WSL2 x86_64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: amd64 CasperMD5CheckResult: skip Date: Wed Jun 16 19:19:10 2021 PackageArchitecture: all ProcEnviron: - TERM=xterm-256color - PATH=(custom, no user) - LANG=C.UTF-8 - SHELL=/bin/bash + TERM=xterm-256color + PATH=(custom, no user) + LANG=C.UTF-8 + SHELL=/bin/bash SourcePackage: sshuttle UpgradeStatus: Upgraded to groovy on 2021-06-16 (0 days ago) ** Description changed: - After upgrading to from 20.04.2 LTS (Focal Fossa) to 20.10 (Groovy - Gorilla) today - now using nftables as fw backend - sshuttle stopped - working: + After upgrading from 20.04.2 LTS (Focal Fossa) to 20.10 (Groovy Gorilla) + today - now using nftables as fw backend - sshuttle stopped working: sudo sshuttle --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING # Warning: iptables-legacy tables present, use iptables-legacy to see them iptables v1.8.5 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING fatal: ['iptables', '-t', 'nat', '-nL'] returned 4 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'auto', '--firewall'] returned 99 sudo sshuttle --method=nft --remote <user>@<remote> --exclude <remote-ip>/32 <networks...> client: Connected. Error: Could not process rule: No such file or directory add chain inet sshuttle-12300 prerouting { type nat hook prerouting priority -100; policy accept; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ fatal: ['nft', 'add chain', 'inet', 'sshuttle-12300', 'prerouting', '{ type nat hook prerouting priority -100; policy accept; }'] returned 1 client: fatal: cleanup: ['/usr/bin/python3', '/usr/bin/sshuttle', '--method', 'nft', '--firewall'] returned 99 Note, that on WSL2 the kernel was NOT changed with do-release-upgrade. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: sshuttle 1.0.4-1ubuntu4 Uname: Linux 5.10.16.3-microsoft-standard-WSL2 x86_64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: amd64 CasperMD5CheckResult: skip Date: Wed Jun 16 19:19:10 2021 PackageArchitecture: all ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: sshuttle UpgradeStatus: Upgraded to groovy on 2021-06-16 (0 days ago) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1932184 Title: sshuttle can't set firewall settings with nftables To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sshuttle/+bug/1932184/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs