0

I was converting my iptables rules to nbtables and the script produced a few errors.

One of them was: add rule ip6 mangle protos_check meta l4proto carp counter return which was translated from -A protos_check --protocol 112 --jump RETURN

Anyhow when I try to run nft this line produces and error.

Is there a specific module needed for this?

Improve this question
5
  • Welcome to SU. Vague problem descriptions like this aren't answerable. Please see the guidelines for questions, then edit your question accordingly. Error analysis can't be done without the exact error messages, your NFT problems can't be analyzed without the NFT config and rulesets etc. Is the point of the question "how do I fix these errors" or "What is counter X in nftables?"
    – Peregrino69
    Commented Apr 5, 2023 at 7:53
  • en.m.wikipedia.org/wiki/Common_Address_Redundancy_Protocol This?
    – Tom Yan
    Commented Apr 5, 2023 at 8:05
  • It seems that 112 should be translated to vrrp instead though (or remain numeric as-is; should also work). en.m.wikipedia.org/wiki/Virtual_Router_Redundancy_Protocol
    – Tom Yan
    Commented Apr 5, 2023 at 8:11
  • Btw counter is pretty much irrelevant to real question. It's just a generic tag that adds a counter to the rule for its matched traffics
    – Tom Yan
    Commented Apr 5, 2023 at 8:17
  • Yeah I was wondering what carp was. I waas about to look at the source, god forbid.
    – Josh Matthews
    Commented Apr 5, 2023 at 8:23

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .