nftables bug?

Issues related to configuring your network
Post Reply
ebal
Posts: 1
Joined: 2019/09/19 21:10:56

nftables bug?

Post by ebal » 2019/09/29 11:17:34

I have a qemu/kvm VM to run/test/learn about centos8, reading Release Notes and changes.

eg nftables
Networking: The nftables framework replaces iptables in the role of the default network packet filtering facility.
Some commands work:

Code: Select all

[root@centos8 ~]# nft list tables
table ip filter
table ip6 filter
table bridge filter
table ip security
table ip raw
table ip mangle
table ip nat
table ip6 security
table ip6 raw
table ip6 mangle
table ip6 nat
table bridge nat
table inet firewalld
table ip firewalld
table ip6 firewalld

[root@centos8 ~]#  nft list table ip filter
table ip filter {
	chain INPUT {
		type filter hook input priority 0; policy accept;
	}

	chain FORWARD {
		type filter hook forward priority 0; policy accept;
	}

	chain OUTPUT {
		type filter hook output priority 0; policy accept;
	}
}
some not !

Code: Select all

[root@centos8 ~]# nft export 
Error: syntax error, unexpected newline, expecting ruleset or xml or json or vm
export
      ^
[root@centos8 ~]# nft export xml
Error: this output type is not supported
export xml
^^^^^^^^^^^
[root@centos8 ~]# nft export json
Error: this output type is not supported
export json
^^^^^^^^^^^^
[root@centos8 ~]# nft export vm
Error: syntax error, unexpected newline, expecting json
export vm
Am I doing something wrong here ?

hunter86_bg
Posts: 1929
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: nftables bug?

Post by hunter86_bg » 2019/10/06 10:01:55

I guess it's limitation of the nft implementation.
You can backup via:

Code: Select all

nft list ruleset > /somefile

User avatar
TrevorH
Forum Moderator
Posts: 27164
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: nftables bug?

Post by TrevorH » 2019/10/06 11:06:02

[root@centos8 ~]# nft export vm json
Error: JSON export is no longer supported, use 'nft -j list ruleset' instead
CentOS 6 will die in November 2020 - migrate sooner rather than later!
CentOS 5 has been EOL for nearly 3 years and should no longer be used for anything!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 8 - Networking Support”