Hi Gustavo,
I'm sorry, but I still don't get it completely.
Am 16.12.2018 um 02:31 schrieb gustavo panizzo:
Is not a parsing problem, the CHAINs do not exists.
You need to check your setup. Check where the ip6*tables* symlinks
points to and make it consistent.
ip6tables-save points to /usr/sbin/ip6tables-nft-save, the version
string is ip6tables-save v1.8.2 (nf_tables). ip6tables-restore points to
/usr/sbin/ip6tables-nft-restore, which is of the same version v1.8.2.
I've never touched these symlinks on my own.
Also remove the legacy rules before applying new rules.
if ip{,6}tables-save and ip{,6}tables-restore dont work in your system,
netfilter-persistent won't work either (is just a wrapper around them to
start the firewall at boot time)
Yeah, and that is still my point of asking here: how can it be possible
that dumping the rules and importing with tools from the same package
with the same version throws an error? Shouldn't the process to write
the rules generate a file that is sound and can be restored?
Is it possible that there are incompatibilities with other parts? For
example, I'm running the kernel version 4.4.134.
I'm sorry to keep asking questions rather than providing a solution on
my own, but I'm not that experienced with iptables. I've seen it
throwing an error during an update and this looks like a bug to me. I'd
be very happy if you could guide me to the neccessary steps of providing
more information to inspect this.
Regards
Nico
