Public bug reported:

OS: Ubuntu 20.04
nftables version 0.9.3-2 amd64

/etc/nftables.conf content:

    #!/usr/sbin/nft -f

    flush ruleset

    table inet filter {
        chain input {
            type filter hook input priority 0; policy drop;
            tcp dport 22 accept
            ct state established,related accept
        }
        chain forward {
            type filter hook forward priority 0; policy accept;
        }
        chain output {
            type filter hook output priority 0; policy accept;
        }
    }

Expected behavior: nftables should become stateful and thereby allow incoming packets after a connection is initiated by the host. This works on Debian 10 with nftables v 0.9.0-2 amd64.

Actual behavior: nftables does not become stateful and drops all incoming packets.

** Affects: nftables (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1888076

Title:
  nftables can't be statefull
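A static check for the structural precondition the report relies on: every base chain hooked at input with policy drop carries an accept rule for ct state established. This is an added example, not part of the report or of nftables; the function names are hypothetical and the parser assumes one statement per line, as in the reported file.

```python
import re

# Constructed sample: the /etc/nftables.conf from the report, one statement per line.
REPORTED_CONF = """\
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        tcp dport 22 accept
        ct state established,related accept
    }
    chain forward {
        type filter hook forward priority 0; policy accept;
    }
    chain output {
        type filter hook output priority 0; policy accept;
    }
}
"""

BASE = re.compile(r"type\s+\w+\s+hook\s+(\w+)\s+priority\s+[^;]+;(?:\s*policy\s+(\w+)\s*;)?")
STATEFUL = re.compile(r"ct\s+state\s+(\{[^}]*\}|[\w,\s]*?)\s+accept\b")

def parse_chains(text):
    """Map 'family table chain' -> hook, policy and rule lines (one statement per line)."""
    chains, table, chain = {}, None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments and the shebang
        if m := re.fullmatch(r"table\s+(\w+)\s+(\w+)\s*\{", line):
            table = f"{m[1]} {m[2]}"
        elif table and (m := re.fullmatch(r"chain\s+(\w+)\s*\{", line)):
            chain = chains.setdefault(f"{table} {m[1]}", {"hook": None, "policy": "accept", "rules": []})
        elif line == "}":
            if chain is None:                        # closing the table, not a chain
                table = None
            chain = None
        elif chain is not None and (m := BASE.fullmatch(line)):
            chain["hook"], chain["policy"] = m[1], m[2] or "accept"  # base chains default to accept
        elif chain is not None and line:
            chain["rules"].append(line)
    return chains

def missing_stateful_accept(text):
    """Input-hook chains with policy drop that have no accept rule for established traffic."""
    def ok(rules):
        return any((m := STATEFUL.search(r)) and "established" in m[1] for r in rules)
    return [n for n, c in parse_chains(text).items()
            if c["hook"] == "input" and c["policy"] == "drop" and not ok(c["rules"])]
```

An empty result for the reported file means the ruleset text already contains the rule; the check says nothing about whether the running kernel applies it, which `nft list ruleset` on the affected host would show.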