/usr/sbin/nft monitor trace ether type missing
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| nftables (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
# nft config as bash HERE document
DEV_WLAN='wlo1'
SET_AP_
TYPE_8021x='0x888E' # WLAN 802.1x login authentication (association)
FAMILY='netdev'
TABLE='T_ND' # netdev
CHAIN='CH_ETHER' # 1000BaseT is the root chain
CHAIN2='CH_WLAN' # WLAN input is the root chain
NFT='/usr/sbin/nft' # CLI program abs_path
TRACE='meta nftrace set 1'
#######
### HERE document: input file for $NFT (atomic firewall action) ###############
### -s ... stateless
### -f ... file input
#######
$NFT -s -f - <<END_OF_FIREWALL
...
add chain $FAMILY $TABLE $CHAIN2 \
{type filter hook ingress device $DEV_WLAN priority -500; policy drop;}
...
### 802.1x type 0x888E authentication, association
add rule $FAMILY $TABLE $CHAIN2 \
ether saddr $SET_AP_MAC \
ether type $TYPE_8021x $TRACE goto _Accept_
...
END_OF_FIREWALL
output from "/usr/sbin/nft monitor trace"
trace id 807e1b9f netdev T_ND CH_WLAN packet: iif "wlo1" ether saddr 9c:c9:eb:4d:ff:dd ether daddr 08:11:96:26:d7:88 @nh,0,320 844152433552699
trace id 807e1b9f netdev T_ND CH_WLAN rule ether saddr { 9c:c9:eb:4d:ff:dd, 9e:c9:eb:6d:ff:dc, c4:ea:1d:15:19:e7 } ether type 0x888e meta nftrace set 1 goto _Accept_ (verdict goto _Accept_)
trace id 807e1b9f netdev T_ND _Accept_ rule meta length <= 1500 counter name "size_1500_NORMAL" counter name "_Accept_" accept (verdict accept)
what I want to see: (add ether type and all DATA in HEX presentation)
trace id 807e1b9f netdev T_ND CH_WLAN packet: iif "wlo1" ether saddr 9c:c9:eb:4d:ff:dd ether daddr 08:11:96:26:d7:88 ether type 0x888E @nh,0x0,0x140 0x.....
