Commit fails when trying to use match-ipsec in firewall ipv4 output filter rule
vyos@vyos# commit Failed to apply firewall: /run/nftables.conf:45:9-38: Error: Could not process rule: Operation not supported meta ipsec == 1 counter accept comment "ipv4-OUT-filter-10" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /run/nftables.conf:46:9-22: Error: Could not process rule: Operation not supported counter accept comment "OUT-filter default-action accept" ^^^^^^^^^^^^^^ /run/nftables.conf:50:9-62: Error: Could not process rule: Operation not supported ip frag-off & 0x3fff != 0 meta mark set 0xffff1 return ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ [[firewall]] failed Commit failed
Commands to reproduce:
set firewall ipv4 output filter rule 10 action accept set firewall ipv4 output filter rule 10 ipsec match-ipsec
This also occurs when jumping to a rule set that contains a match-ipsec.