Hello Douglas,
Greetings of the day! Thank you for contacting AWS.
To assist you here, I tried to replicate the issue in my lab environment, where I was able to reproduce the issue with the mentioned kernel version and observed the same error message:
$ uname -r
4.14.336-255.557.amzn2.x86_64
$ nft add table ip filter
Error: Could not process rule: Operation not supported
add table ip filter
I have checked this internally and I have found that it is a known bug to us, where you are unable to install nftables rules on the kernel version in question.
The internal team is fully aware of the situation and they are working on it to deploy the mitigations very soon. Other kernels or other functionality are not affected. Remaining on the previous 4.14 kernel build or upgrading to kernel 5.10 also works around the issue.
I do not have the ETA for this at the moment; however, I can assure you that our Amazon Linux team is working on it.
As part of general security practice we recommend using Amazon VPC and Amazon EC2 security groups for controlling network access to your instances: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security.html
Thank you and wish you a good day ahead!
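A preflight check for the regression described in the answer above, added here as an example and not part of the AWS reply. Only the affected build string and the two stated workarounds (the previous 4.14 build, or 5.10) come from the answer; how other build strings are classified, the function names, and the throwaway table name are assumptions.

```sh
#!/bin/sh
# Added example, not part of the AWS answer. Classify the running kernel
# build against the one named in the answer, then confirm that nft can
# really create a table, since "unknown" builds should be tested directly.

AFFECTED_KERNEL="4.14.336-255.557.amzn2.x86_64"   # the build quoted in the answer

# kernel_status <uname -r string> -> affected | workaround | unknown
kernel_status() {
    kr="$1"
    case "$kr" in
        "$AFFECTED_KERNEL") echo affected ;;   # exactly the failing build
        5.10.*) echo workaround ;;             # answer: upgrading to 5.10 works
        4.14.*)                                # answer: the previous 4.14 build works
            build=${kr#4.14.}; build=${build%%-*}   # patch level before the first dash
            if [ "$build" -lt 336 ] 2>/dev/null; then echo workaround; else echo unknown; fi ;;
        *) echo unknown ;;                     # not covered by the answer: run the smoke test
    esac
}

# nft_smoke_test: add and delete a throwaway table in the same family the
# answer used (needs root). Returns 0 if it works, 1 on the kind of failure
# shown in the answer, 2 if the nft binary is not installed.
nft_smoke_test() {
    command -v nft >/dev/null 2>&1 || return 2
    tbl="preflight_$$"                         # assumed, disposable table name
    if nft add table ip "$tbl" 2>/dev/null; then
        nft delete table ip "$tbl" 2>/dev/null
        return 0
    fi
    return 1
}

# report <uname -r string>: print the combined verdict; never exits non-zero
report() {
    echo "kernel $1: $(kernel_status "$1")"
    nft_smoke_test && rc=0 || rc=$?
    case $rc in
        0) echo "nft: table creation works" ;;
        1) echo "nft: table creation failed; stay on the previous 4.14 build or move to 5.10" ;;
        2) echo "nft: not installed, smoke test skipped" ;;
    esac
}

report "$(uname -r)"
```

Run it as root on the instance; a kernel reported as "unknown" with a failing smoke test should be treated the same way as the affected build.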