TechQA.

nftables set: Could not add set with flags interval on command line

1k views Asked by At

As it is said, this command failed :

nft 'add set netdev blacklist blocklist_v4 {type ipv4_addr; flags interval;}'

But this one succeded :

nft 'add set netdev blacklist blocklist_v4 {type ipv4_addr;}'

I tried with flags constant, and it works. So it seems "interval" is not supported, or am i missing something ??

I'm trying to achieve something like this.

nftables
Original Q&A
2

There are 2 answers

1
Francois On

Don't migrate to nftables until you have kernel 5.6 if you want to have IP intervals ! As it is said here and SHOULD have been wrote here

NOTE: before Linux kernel 5.6 and nftables 0.9.4 the CIDR notation wasn't available, you would need to use a workaround:

No, thanks, fed up with horrible "workarounds". Iptables was able to do that before, and i hate regression. So I will remove CIDR IPs and wrote each IP. Marvelous.

They didn't mention in the right place that flags interval doesn't work under kernel 5.6. and then you get screwed. Ok, fine. Problem "solved".

0
Lobz On

It seems like the version of nftables is too old and does not support intervals. Please specify the version of nftables, kernel and operating system.

Related Questions in NFTABLES

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions