Question
wanda
I just switched from iptables to netfilter.
After a reboot I get this kind of status for the service
systemctl status nftables
● nftables.service - nftables
Loaded: loaded (/lib/systemd/system/nftables.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2019-07-12 16:04:59 CEST; 4min 28s ago
Docs: man:nft(8)
http://wiki.nftables.org
Process: 287 ExecStart=/usr/sbin/nft -f /etc/nftables.conf (code=exited, status=3)
Main PID: 287 (code=exited, status=3)
Jul 12 16:04:59 cubox nft[287]: netlink.c:62: Unable to initialize Netlink socket: Protocol not supported
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
+++++++++++++++++++++++++++++++++++++
nftables installed ?
+++++++++++++++++++++++++++++++++++++
p libnftables-dev - Development files for libnftables
i A libnftables0 - Netfilter nftables high level userspace API library
i nftables - Program to control packet filtering rules by Netfilter project
+++++++++++++++++++++++++++++++++++++
update alternatives setup
+++++++++++++++++++++++++++++++++++++
ip6tables auto /usr/sbin/ip6tables-nft
iptables auto /usr/sbin/iptables-nft
Anyway, a manual restart of the service works and the rules in /etc/nftables.conf are loaded properly.
I suppose there is a problem with a kernel module?
Doing the same upgrade on raspberries worked:
Linux bowerick 4.19.50-v7+ #896 SMP Thu Jun 20 16:11:44 BST 2019 armv7l GNU/Linux
No LSB modules are available.
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 10 (buster)
Release: 10
Codename: buster
5 answers to this question