Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/linux/27.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Linux nftables config命令失败,操作不受支持_Linux_Security_Network Programming_Nftables - Fatal编程技术网
Fatal编程技术网
  • linux/
  • Linux nftables config命令失败,操作不受支持

Linux nftables config命令失败,操作不受支持

linux security network-programming

Linux nftables config命令失败,操作不受支持,linux,security,network-programming,nftables,Linux,Security,Network Programming,Nftables,请求您提供与nftables相关的帮助 在使用配置命令时。下面是一个错误 Error: Could not process rule: Operation not supported Debian-10 root@localhost:~# uname -a Linux localhost 4.19.81-OpenNetworkLinux-thanos #1 SMP Tue Apr 28 08:24:05 UTC 2020 x86_64 GNU/Linux root@localhost:~#

请求您提供与nftables相关的帮助

在使用配置命令时。下面是一个错误

Error: Could not process rule: Operation not supported
Debian-10

root@localhost:~# uname -a
Linux localhost 4.19.81-OpenNetworkLinux-thanos #1 SMP Tue Apr 28 08:24:05 UTC 2020 x86_64 GNU/Linux

root@localhost:~# nft -v
nftables v0.9.0 (Fearless Fosdick)
已安装确认的nft和相关软件包

root@localhost:~# sudo dpkg-query -l
...
ii libnftables0:amd64 0.9.0-2 amd64 Netfilter nftables high level userspace API library
ii libnftnl11:amd64 1.1.2-2 amd64 Netfilter nftables userspace API library
ii nftables 0.9.0-2 amd64 Program to control packet filtering rules by Netfilter project
ii libmnl0:amd64 1.0.4-2 amd64 minimalistic Netlink communication library
...
顺序尝试以下命令:

1.root@localhost:~# nft --debug all flush ruleset

2.root@localhost:~# nft --debug all add table ip filter
下面是上述添加命令的调试输出

1)也出现了类似的“操作不受支持”错误

谢谢你的帮助

谢谢大家

Santosh在从debian9升级到10的osmc设备上看到了同样的情况。WireGuard正在撞击这个。 
# nft --debug all add table ip filter
Entering state 0
Reducing stack by rule 1 (line 747):
-> $$ = nterm input (: )
Stack now 0
Entering state 1
Reading a token: --accepting rule at line 275 ("add")
Next token is token "add" (: )
Shifting token "add" (: )
Entering state 19
Reading a token: --accepting rule at line 631 (" ")
--accepting rule at line 245 ("table")
Next token is token "table" (: )
Shifting token "table" (: )
Entering state 10
Reading a token: --accepting rule at line 631 (" ")
--accepting rule at line 388 ("ip")
Next token is token "ip" (: )
Shifting token "ip" (: )
Entering state 35
Reducing stack by rule 246 (line 1845):
   $1 = token "ip" (: )
-> $$ = nterm family_spec_explicit (: )
Stack now 0 1 19 10
Entering state 47
Reducing stack by rule 245 (line 1842):
   $1 = nterm family_spec_explicit (: )
-> $$ = nterm family_spec (: )
Reducing stack by rule 245 (line 1842):
   $1 = nterm family_spec_explicit (: )
-> $$ = nterm family_spec (: )
Stack now 0 1 19 10
Entering state 46
Reading a token: --accepting rule at line 631 (" ")
--accepting rule at line 602 ("filter")
Next token is token "string" (: )
Shifting token "string" (: )
Entering state 53
Reducing stack by rule 239 (line 1818):
   $1 = token "string" (: )
-> $$ = nterm identifier (: )
Stack now 0 1 19 10 46
Entering state 250
Reducing stack by rule 252 (line 1853):
   $1 = nterm family_spec (: )
   $2 = nterm identifier (: )
-> $$ = nterm table_spec (: )
Stack now 0 1 19 10
Entering state 57
Reading a token: --accepting rule at line 611 ("
")
Next token is token "newline" (: )
Reducing stack by rule 31 (line 874):
   $1 = token "table" (: )
   $2 = nterm table_spec (: )
-> $$ = nterm add_cmd (: )
Stack now 0 1 19
Entering state 66
Reducing stack by rule 17 (line 858):
   $1 = token "add" (: )
   $2 = nterm add_cmd (: )
-> $$ = nterm base_cmd (: )
Stack now 0 1
Entering state 44
Next token is token "newline" (: )
Shifting token "newline" (: )
Entering state 4
Reducing stack by rule 3 (line 766):
   $1 = token "newline" (: )
-> $$ = nterm stmt_separator (: )
Stack now 0 1 44
Entering state 249
Reducing stack by rule 14 (line 824):
   $1 = nterm base_cmd (: )
   $2 = nterm stmt_separator (: )
-> $$ = nterm line (: )
Stack now 0 1
Entering state 43
Reducing stack by rule 2 (line 748):
   $1 = nterm input (: )
   $2 = nterm line (: )

Evaluate add
add table ip filter
^^^^^^^^^^^^^^^^^^^^

-> $$ = nterm input (: )
Stack now 0
Entering state 1
Reading a token: --(end of buffer or a NUL)
--EOF (start condition 0)
Now at end of input.
Shifting token "end of file" (: )
Entering state 2
Stack now 0 1 2
Cleanup: popping token "end of file" (: )
Cleanup: popping nterm input (: )
---------------- ------------------
| 0000000020 | | message length |
| 00016 | R--- | | type | flags |
| 0000000000 | | sequence number|
| 0000000000 | | port ID |
---------------- ------------------
| 00 00 0a 00 | | extra header |"
  .....

Error: Could not process rule: Operation not supported
add table ip filter
^^^^^^^^^^^^^^


root@localhost:~# nft --interactive
nft> create table inet mytable
Error: Could not process rule: Operation not supported
create table inet mytable