[Bug 1961401] [NEW] /usr/sbin/nft monitor trace ether type missing

Fri, 18 Feb 2022 02:05:43 -0800 

Public bug reported:

# nft config as  bash HERE document

DEV_WLAN='wlo1'
SET_AP_MAC="{$AP_MAC,$AP1_5_MAC,$AP2_2_MAC}"
TYPE_8021x='0x888E' # WLAN 802.1x login authentication (association)

FAMILY='netdev'
TABLE='T_ND'       # netdev
CHAIN='CH_ETHER'   # 1000BaseT is the root chain
CHAIN2='CH_WLAN'   # WLAN input is the root chain
NFT='/usr/sbin/nft'   # CLI program abs_path
TRACE='meta nftrace set 1'

###############################################################################
### HERE document: input file for $NFT (atomic firewall action) ###############
### -s ... stateless
### -f ... file input
###############################################################################
$NFT -s -f - <<END_OF_FIREWALL

...
add chain   $FAMILY $TABLE $CHAIN2 \
      {type filter hook ingress device $DEV_WLAN priority -500; policy drop;}

...
### 802.1x type 0x888E authentication, association
add rule $FAMILY $TABLE $CHAIN2 \
      ether saddr $SET_AP_MAC \
      ether type $TYPE_8021x   $TRACE   goto _Accept_

...
END_OF_FIREWALL

output from "/usr/sbin/nft monitor trace"
trace id 807e1b9f netdev T_ND CH_WLAN packet: iif "wlo1" ether saddr 
9c:c9:eb:4d:ff:dd ether daddr 08:11:96:26:d7:88 @nh,0,320 
8441524335526997765844483319805146990784313976429188050976212111078062133864734815165021630641
 
trace id 807e1b9f netdev T_ND CH_WLAN rule ether saddr { 9c:c9:eb:4d:ff:dd, 
9e:c9:eb:6d:ff:dc, c4:ea:1d:15:19:e7 } ether type 0x888e meta nftrace set 1 
goto _Accept_ (verdict goto _Accept_)
trace id 807e1b9f netdev T_ND _Accept_ rule meta length <= 1500 counter name 
"size_1500_NORMAL" counter name "_Accept_" accept (verdict accept)


what I want to see: (add ether type and all DATA in HEX presentation)
trace id 807e1b9f netdev T_ND CH_WLAN packet: iif "wlo1" ether saddr 
9c:c9:eb:4d:ff:dd ether daddr 08:11:96:26:d7:88 ether type 0x888E @nh,0x0,0x140 
0x..........................

** Affects: nftables (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961401

Title:
  /usr/sbin/nft monitor trace ether type missing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1961401/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to