For Linux 6.11.4 in ip6tables the first option to the NFLOG target gives an "unknown option" error, in my case this option happened to be --nflog-prefix. Only affects IPv6 (IPv4 appears ok under all versions). Is ok under 6.11.3 with exact same config etc. ########################################### Simple test under 6.11.4 root:~# ip6tables -N TEST_1 root:~# ip6tables -A TEST_1 -j NFLOG --nflog-prefix "Some prefix: " ip6tables v1.8.7 (legacy): unknown option "--nflog-prefix" Try `ip6tables -h' or 'ip6tables --help' for more information. root:~# root:~# ip6tables -A TEST_1 -j NFLOG --nflog-threshold 10 ip6tables v1.8.7 (legacy): unknown option "--nflog-threshold" Try `ip6tables -h' or 'ip6tables --help' for more information. ########################################### These tests run without error under 6.11.3. Checking with ip6tables-save confirms the problem. I get the same failure under 6.6.57 I am running on Slackware 15.0 on an Intel core i5, with Slackware packages :- iptables-1.8.7-x86_64-3 libnetfilter_conntrack-1.0.8-x86_64-3 libnetfilter_log-1.0.2-x86_64-1 ulogd-2.0.7-x86_64-4 Not sure if this is related to bugid-219397
Not my area of expertise, but from a quick look is seems to be a known problem due to some typos and people are working on a fix here: https://lore.kernel.org/all/20241021094536.81487-1-pablo@netfilter.org/
It now runs without error under 6.11.6 and 6.6.59 Thanks.