Wasp-Ink30
DD-WRT User
Joined: 07 Feb 2025
Posts: 58
|
 Posted: Mon Dec 08, 2025 8:48 Post subject: Question for reporting issues for devices running NFTables |
 |
| blkt wrote: | Issues, observations, and/or workarounds reported:
• WebUI: Clear history or use a portable. Temporary cache bypass: Ctrl+F5, Cmd+Shift+R or new private window/incognito.
• Please report findings with steps needed to reproduce, configuration, clients, output, logs and important information below!
Important:
• Detail issues & relevant configs, logs: syslog klog 'dmesg' 'cat /tmp/var/log/messages' nvram set console_debug=1, serial.
• Firewall NAT: 'iptables -vnL' 'iptables -t nat -vnL' 'iptables -t mangle -vnL' & 'cat /tmp/.ipt'. Debug Analyze: strace tcpdump.
• Gremlins: reboot. cold boot. Reset & reconfigure not restore backup. Search Trac & discuss in forum before opening tickets.
• Include operating & wireless modes (e.g. Gateway, Router, AP, SB, WDS, Mesh) and applicable configurations to reproduce.
Example Template: |
In the portion of the new build post we are asked to gather & submit logs, operating modes, and firewall settings.
So I have a rather silly question. For those of us that are running NFTables now what would you like for us to report instead of iptables which report nothing but a list of empty chains? You get packet counts for each chain, but there are no rules listed.
For example this is what I get from R62966 for the three iptables listings:
It doens't look very helpful.
| Code: | BusyBox v1.37.0 (2025-12-06 10:04:25 +07) built-in shell (ash)
┌─[✓]─[root@MR7500:10.99.38.1]─[~]
└─iptables -vnL
Chain INPUT (policy ACCEPT 81161 packets, 7181K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 3561 packets, 605K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 71596 packets, 5731K bytes)
pkts bytes target prot opt in out source destination
┌─[✓]─[root@MR7500:10.99.38.1]─[~]
└─iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 53137 packets, 3836K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 52339 packets, 3768K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 336 packets, 28518 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 905 packets, 81195 bytes)
pkts bytes target prot opt in out source destination
┌─[✓]─[root@MR7500:10.99.38.1]─[~]
└─iptables -t mangle -vnL
Chain PREROUTING (policy ACCEPT 82632 packets, 7483K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 79283 packets, 6954K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 3303 packets, 522K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 70022 packets, 5504K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 73326 packets, 6028K bytes)
pkts bytes target prot opt in out source destination
┌─[✓]─[root@MR7500:10.99.38.1]─[~] |
|
|
