Package: nftables Version: 0.9.8-3 Severity: normal Tags: patch Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** nftables runs to early at system boot. At this time not all interfaces are available: # journalctl -b -3 --unit=systemd-networkd.service --unit=nftables.service --no-hostname -- Journal begins at Fri 2021-05-28 15:13:07 CEST, ends at Thu 2021-06-03 17:08:05 CEST. -- Jun 03 15:18:23 nft[414]: /etc/nftables.conf:12:21-31: Error: Interface does not exist Jun 03 15:18:23 nft[414]: define SSID-MEDIA = enp1s0f0.66 Jun 03 15:18:23 nft[414]: ^^^^^^^^^^^ Jun 03 15:18:23 nft[414]: /etc/nftables.conf:11:21-31: Error: Interface does not exist Jun 03 15:18:23 nft[414]: define SSID-LABOR = enp1s0f0.65 Jun 03 15:18:23 nft[414]: ^^^^^^^^^^^ Jun 03 15:18:23 systemd-networkd[440]: Enumeration completed Jun 03 15:18:23 systemd[1]: Started Network Service. Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.66: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.64: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.32: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.34: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.65: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.33: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.35: netdev ready Jun 03 15:18:23 systemd-networkd[440]: enp1s0f0.36: netdev ready Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.32: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.33: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.34: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.35: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.36: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.64: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.65: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.66: Link UP Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.32: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.33: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.34: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.35: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.36: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.64: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.65: Gained carrier Jun 03 15:18:24 systemd-networkd[440]: enp1s0f0.66: Gained carrier Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.36: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.66: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.65: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.35: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.33: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.64: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.32: Gained IPv6LL Jun 03 15:18:26 systemd-networkd[440]: enp1s0f0.34: Gained IPv6LL Running nftables after network-target solves the issue: # journalctl -b --unit=systemd-networkd.service --unit=nftables.service --no-hostname -- Journal begins at Fri 2021-05-28 15:13:07 CEST, ends at Thu 2021-06-03 17:17:01 CEST. -- Jun 03 16:22:36 systemd-networkd[435]: Enumeration completed Jun 03 16:22:36 systemd[1]: Started Network Service. Jun 03 16:22:36 systemd[1]: Starting nftables... Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.36: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.66: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.32: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.34: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.64: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.65: netdev ready Jun 03 16:22:36 systemd-networkd[435]: enp1s0f0.33: netdev ready Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.35: netdev ready Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.32: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.33: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.34: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.35: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.36: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.64: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.65: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.66: Link UP Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.32: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.33: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.34: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.35: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.36: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.64: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.65: Gained carrier Jun 03 16:22:37 systemd-networkd[435]: enp1s0f0.66: Gained carrier Jun 03 16:22:38 systemd-networkd[435]: enp1s0f0.32: Gained IPv6LL Jun 03 16:22:39 systemd-networkd[435]: enp1s0f0.36: Gained IPv6LL Jun 03 16:22:39 systemd-networkd[435]: enp1s0f0.33: Gained IPv6LL Jun 03 16:22:39 systemd-networkd[435]: enp1s0f0.64: Gained IPv6LL Jun 03 16:22:39 systemd-networkd[435]: enp1s0f0.34: Gained IPv6LL Jun 03 16:22:39 systemd-networkd[435]: enp1s0f0.35: Gained IPv6LL Jun 03 16:22:39 systemd[1]: Finished nftables. Changed unit file: # systemctl cat nftables.service # /etc/systemd/system/nftables.service [Unit] Description=nftables Documentation=man:nft(8) http://wiki.nftables.org Wants=network.target After=network.target Before=shutdown.target Conflicts=shutdown.target DefaultDependencies=no [Service] Type=oneshot RemainAfterExit=yes StandardInput=null ProtectSystem=full ProtectHome=true ExecStart=/usr/sbin/nft -f /etc/nftables.conf ExecReload=/usr/sbin/nft -f /etc/nftables.conf ExecStop=/usr/sbin/nft flush ruleset [Install] WantedBy=sysinit.target -- System Information: Debian Release: 11.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-6-amd64 (SMP w/12 CPU threads) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages nftables depends on: ii dpkg 1.20.9 ii libc6 2.31-12 ii libedit2 3.1-20191231-2+b1 ii libnftables1 0.9.8-3 nftables recommends no packages. Versions of packages nftables suggests: pn firewalld <none> -- Configuration Files: /etc/nftables.conf changed [not included] -- no debconf information