Thanks. I checked that in the userspace the enum nft_meta_keys has additional values as compared to the linux 5.0.2 's nft_meta_keys but this isn't the case with the nf-next. I'll run the tests again with the nf-next kernel tree. Also, does this mean that I should stick to the nf-next kernel tree instead of the latest kernel release itself?
On Tue, Mar 19, 2019 at 12:47 PM Florian Westphal <[email protected]> wrote: > > Karuna Grewal <[email protected]> wrote: > > On Tue, Mar 19, 2019 at 3:39 AM Florian Westphal <[email protected]> wrote: > > > > > > Karuna Grewal <[email protected]> wrote: > > > > command: add rule ip test-ip4 input meta time 100 > > > > Error: Could not process rule: Operation not supported > > > > > > This means that nft_meta.c doesn't recognize the TIME key. > > > You need to run the modified/patched kernel for this to work -- > > > it looks like nft_meta_get_init() hits the "default:" switch label. > > I'm running the tests against the new modified kernel (I've applied > > the patch to kernel 5.0.2) and when I logged a debug message it > > confirms that it's indeed hitting the default switch. > > But previously running nft against the nf-next fork of the kernel was > > recognising the `meta time`. This leaves me in a bit of confusion. > > Meanwhile I'm trying to verify other things, could you please confirm > > if the kernel tree isn't any issue here. > > It looks like kernel and userspace disagree on the TIME_NS meta attribute > enum value.
