repeated 'add chain'/'delete chain' 5x and ...


 



During my vim syntax highlight unit testing... I noticed a behavior of 'nft' with regard to repeatedly adding/deleting the same two sets of chains 5x.

Running latest nft v1.1.4, Debian 13, Linux 6.12.41+deb13-amd64,

    add table netdev T

    add chain netdev T A { type filter hook ingress priority -500; policy accept; };
    delete chain netdev T A { type filter hook ingress priority -500; policy accept; };

    add chain netdev T A { type filter hook ingress device eno2 priority -500; policy accept; };
    delete chain netdev T A { type filter hook ingress device eno2 priority -500; policy accept; };

    add chain netdev T A { type filter hook ingress priority -500; policy accept; };
    delete chain netdev T A { type filter hook ingress priority -500; policy accept; };

    add chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };
    delete chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };

    add chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };
    # ERROR IS HERE
    delete chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };


gets me the following nftables v1.1.4 output:

    $ make check chain-type-netdev.tp.nft
    Checking file: chain-type-netdev.tp.nft
    /opt/nftables/sbin/nft -c -f chain-type-netdev.tp.nft
    chain-type-netdev.tp.nft:17:1-94: Error: Could not process rule: No such file or directory
    delete chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    make: *** [Makefile:19: check] Error 1


nftables v1.1.3 output is identical:

    $ sudo /usr/sbin/nft -c -f chain-type-netdev.tp.nft
    chain-type-netdev.tp.nft:17:1-94: Error: Could not process rule: No such file or directory
    delete chain netdev T A { type filter hook egress device eno2 priority -500; policy accept; };
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This is also true of my other Linux platform.



