nftables does not startup during server boot: Error: Interface does not exist nft[

wp.rauchholz
Posts: 133
Joined: 2016/11/20 11:58:45

Post by wp.rauchholz » 2021/02/27 13:18:44

My home server is modem / router and as such has two NICs.
I transitioned from iptables to nftables. When booting the server, ppp0 is not yet up and therefore nftables does not start.
systemd[1]: Starting Netfilter Tables...
nft[884]: /etc/sysconfig/nftables.conf:7:7-12: Error: Interface does not exist
nft[884]: iif "ppp0" ct state new tcp dport { 1194 } tcp flags & (fin | syn | rst | ack) == syn accept
nft[884]: ^^^^^^
nft[884]: /etc/sysconfig/nftables.conf:61:7-12: Error: Interface does not exist
nft[884]: oif "ppp0" tcp flags & (syn | rst) == syn counter packets 155 bytes 8860 tcp option maxseg size set rt mtu
nft[884]: ^^^^^^
systemd[1]: nftables.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: nftables.servic

Once booted, I just run systemctl start nftables and the firewall starts up correctly.
What is the difference between iptables and nftables when it comes to the boot process?
How can I fix this?

Thanks,

Wolfgang

jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: nftables does not startup during server boot: Error: Interface does not exist nft[

Post by jlehtone » 2021/02/27 18:43:40

Looks like an explanation: https://serverfault.com/questions/98515 ... n-nftables

Therefore, use iifname match, not iif.
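
The change suggested above, shown as an added example that is not part of either post: `iif`/`oif` are resolved to an interface index when the ruleset is loaded, so the interface must already exist, while `iifname`/`oifname` compare the name string for each packet and load even when ppp0 is still down. The table and chain names, hooks, priorities and policies are assumptions; only the two ppp0 rules are taken from the log in the question.

```nftables
# Added example. Table/chain layout is assumed, not the poster's real file.
table inet filter {
	chain input {
		type filter hook input priority 0; policy drop;

		# "lo" always exists at boot, so an index-based match is safe here.
		iif "lo" accept
		ct state established,related accept

		# Before: fails at boot with "Interface does not exist" while
		# ppp0 has not been created yet.
		#   iif "ppp0" ct state new tcp dport { 1194 } tcp flags & (fin | syn | rst | ack) == syn accept
		# After: name-based match, loads whether or not ppp0 exists.
		iifname "ppp0" ct state new tcp dport { 1194 } tcp flags & (fin | syn | rst | ack) == syn accept
	}

	# Assumed separate chain at mangle priority (-150) that only clamps
	# the MSS; it does no filtering, so its policy is accept.
	chain clamp_mss {
		type filter hook forward priority -150; policy accept;

		# Before:
		#   oif "ppp0" tcp flags & (syn | rst) == syn counter tcp option maxseg size set rt mtu
		# After: oif -> oifname for the same reason.
		oifname "ppp0" tcp flags & (syn | rst) == syn counter tcp option maxseg size set rt mtu
	}
}
```

Running `nft -c -f /etc/sysconfig/nftables.conf` while ppp0 is down checks the file without applying it, which confirms the ruleset will load at boot and the host will not come up unfiltered because the service failed.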
