On Wed, Dec 19, 2018 at 06:05:10PM +0100, Arturo Borrero Gonzalez wrote: > On 12/19/18 5:57 PM, Michał Mirosław wrote: > > Package: nftables > > Version: 0.9.0-2 > > Severity: normal > > > > --- Please enter the report below this line. --- > > > > # nft add rule inet filter divert 'ip6 daddr ::/0 meta l4proto tcp tproxy > > to :2000 meta mark set 1 accept' > > Error: syntax error, unexpected to > > add rule inet filter divert ip6 daddr ::/0 meta l4proto tcp tproxy to :2000 > > meta mark set 1 accept > > ^^ > > > > RedHats have the same problem: > > https://bugzilla.redhat.com/show_bug.cgi?id=1651813 > > > > This may be a bug in the documentation. > > Try something like: > > * tproxy ip to 192.0.2.1 > * tproxy ip6 to [2001:db8::1]:50080
It accepts an address, but then barfs at anything further, even EOL. # nft add rule inet filter divert 'ip6 daddr ::/0 meta l4proto tcp tproxy ip6 [::1]' Error: syntax error, unexpected newline add rule inet filter divert ip6 daddr ::/0 meta l4proto tcp tproxy ip6 [::1] ^