I'm switching from iptables+ipset to nftables, and as part of it, I need to
import a set containing ~2400 IPv6 networks. The file looks like this:
define elems = {
2001:123::/31,
...
}
table ip6 mytable {
set myset {
type ipv6_addr
flags dynamic,interval
elements = $elems
}
chain output {
type route hook output priority -150;
... ip6 daddr @myset reject
}
}
And then "nft -f myfile.nft" fails with
netlink: Error: Could not process rule: No buffer space available
--
Best regards,
lilydjwg
