Ubuntu
nftables package

JSON output is corrupted if there is an empty table with flags

Bug #2017656 reported by Psy[H[]
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nftables (Ubuntu)
New
Undecided
Unassigned

Bug Description

Description: Ubuntu 22.04.2 LTS
Release: 22.04
nftables/jammy-updates,now 1.0.2-1ubuntu3 amd64 [installed]
Linux 5.15.0-70-generic #77-Ubuntu SMP Tue Mar 21 14:02:37 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

My ruleset in /etc/nftables.conf ends with:

# muffle anything that comes via iptables-nft
table ip filter { flags dormant ; }
table ip nat { flags dormant ; }
table ip mangle { flags dormant ; }
table ip raw { flags dormant ; }
table ip security { flags dormant ; }
table ip6 filter { flags dormant ; }
table ip6 nat { flags dormant ; }
table ip6 mangle { flags dormant ; }
table ip6 raw { flags dormant ; }
table ip6 security { flags dormant ; }

While any of these tables are empty, 'nft -j list ruleset' returns truncated output at flags of one of these tables:

..., {"table": {"family": "ip6", "name": "security", "handle": 114, "flags": <truncated here

rc is 0

Affects nftables 1.0.2 in Ubuntu 22.04 (also 1.0.6 in Debian testing), but works fine in nftables 0.9.3 in Ubuntu 20.04.

See original description
Psy[H[] (vovik-wfa)
description: updated
Psy[H[] (vovik-wfa)
description: updated
Psy[H[] (vovik-wfa)
description: updated
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.