Score:0

nftables doesn't start && nftables.conf syntax error


This is my nftables.conf:

#!/usr/bin/env nft -f

flush ruleset
define interface = "venet0"



table inet filter {

set tcp_ok {
    type inet_service
    }

set udp_ok {
    type inet_service
    }

set trusted {
    type ipv4_addr
    }

set filter {
    type ipv4_addr
    }

set martians {
    type ipv4_addr
    flags constant, interval
    elements = {
        0.0.0.0/8
        127.0.0.0/8
    }
    }



chain input {
    type filter hook input priority 0

    policy drop

    ct state established,related accept

    iif lo accept

    iifname $interface ip saddr @trusted accept

    ip saddr @filter drop

    ip saddr @martians drop
    ip daddr @martians drop

    iifname $interface tcp dport 22 accept

    iifname $interface tcp dport @tcp_ok accept
    iifname $interface udp dport @udp_ok accept
    }
}

And these are the error messages; the service is not able to start. Can someone help me?

/etc/nftables.conf:10:13-13: Error: syntax error, unexpected junk
nft[371]: set tcp_ok {

/etc/nftables.conf:11:19-19: Error: syntax error, unexpected junk, expecting newline or semicolon or .
        type inet_service

nftables.service: Main process exited, code=exited, status=1/FAILURE
nftables.service: Failed with result 'exit-code'.
systemd[1]: Failed to start nftables.


Score:0

You have a syntax error in your ruleset. You need a comma between elements of a list; instead of:

set martians {
    type ipv4_addr
    flags constant, interval
    elements = {
        0.0.0.0/8
        127.0.0.0/8
    }
    }

You need:

set martians {
    type ipv4_addr
    flags constant, interval
    elements = {
        0.0.0.0/8,
        127.0.0.0/8
    }
    }

Note the additional comma after 0.0.0.0/8.
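As an added example (not part of the question or the answer above), a small Python pre-check for exactly this mistake: set elements written one per line with no separating comma. It also hands the file to `nft -c -f` (nft's check-only mode, which parses the ruleset without loading it) when `nft` is installed, so a broken file is caught before the service tries to load it. The function names and the sample set are mine; the sample reproduces the questioner's martians set.

```python
import re
import shutil
import subprocess

# Constructed sample: the "martians" set from the question, comma missing.
BROKEN_SET = """set martians {
    type ipv4_addr
    flags constant, interval
    elements = {
        0.0.0.0/8
        127.0.0.0/8
    }
}
"""

ELEMENTS_OPEN = re.compile(r"elements\s*=\s*\{\s*$")

def find_missing_commas(text):
    """1-based line numbers of elements in a multi-line 'elements = {' block
    that are followed by another element but lack a trailing comma."""
    findings, in_block, pending = [], False, None
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.split("#", 1)[0].strip()   # drop nft '#' comments
        if not in_block:
            in_block = bool(ELEMENTS_OPEN.match(stripped))
            continue
        if stripped.startswith("}"):                # end of the element list
            in_block, pending = False, None
            continue
        if not stripped:
            continue
        if pending is not None:                     # previous element had no comma
            findings.append(pending)
        pending = None if stripped.endswith(",") else lineno
    return findings

def fix_missing_commas(text):
    """Append the missing comma to every line find_missing_commas reports."""
    lines = text.splitlines()
    for lineno in find_missing_commas(text):
        lines[lineno - 1] = lines[lineno - 1].rstrip() + ","
    return "\n".join(lines) + "\n"

def nft_check(path):
    """Parse-only check with the real tool; None means nft is not installed."""
    nft = shutil.which("nft")
    if nft is None:
        return None
    return subprocess.run([nft, "-c", "-f", path]).returncode == 0
```

Single-line element lists (`elements = { a, b }`) are valid as written and are not inspected; `nft -c -f` remains the authoritative check.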
