On Wed, Jan 22, 2020 at 07:06:43PM -0700, Alan Feuerbacher via blfs-support wrote: > When Linux boots up, I see an error message in the console about nftables: > the system can't find LAN1 or WAN1. No surprise, since when I set up the > configuration file with the default in the BLFS book like so: > > cat > /etc/nftables/nftables.conf << "EOF" > > . . . > > I just used the template in the book. Later, in this configuration file I > replaced all instances of WAN1 with my actual ethernet string "enp0s31f6", > but I still get complaints from Linux on bootup. > > I did not replace LAN1. > > After some Net research on the use of nftables, I thought that WAN1 -> > enp0s31f6 was correct. However, I have no clue what to use for LAN1. > > My home system is pretty simple: several computers talking to a router via > hard-wired ethernet or wireless. So I would guess that LAN1 would be a name > that resides somewhere in router-land. Clues? > I've never used nftables, but it appears to me that the example is for a machine which has different interfaces for local and network (e.g. a firewall machine).
If so, and you only use the enp0s31f6 to talk to your other local machines (or do not talk to them), I guess you can comment out the LAN1 lines. But in that case (and remembering that I've never used nftables) it seems that (external) connections on WAN1 will be accepted. For a webserver or similar, fine, but for a desktop I would be suspicious that *fresh* external connections might be accepted. For ALL firewall-related stuff you really need to research the configuration options. I'm using iptables (home lan) and some of my settings are quite different from what is in the book. As a general rule, if in doubt log and drop, then review what is in the logs (mine log far too much crap). ĸen -- The politics of wizardry were either very simple, and resolved by someone ceasing to breathe, or as complex as one ball of yarn in a room with three bright-eyed little kittens. - Unseen Academicals -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
