Comment # 5 on bug 1231424 from Danish Prakash

(In reply to Alexandre Vicenzi from comment #4)
> We can set NETAVARK_DEFAULT_FW and require nftables-related package, this
> should ensure Tumbleweed netavark backend is nftables.
iiuc, `iptables-backend-nft` seems to be the hybrid compat solution helping
transitioning users from iptables to nftables. SP3[1] switched to nftables as
the default firewalld backend but that link re: openSUSE nftables shared
earlier[2] doesn't definitively say that nftables indeed is the default on all
openSUSE flavors. We should move to setting nftables if we can confirm this.

> Yes, I think we should load both ip_tables and ip6_tables, specially on
> SLE-15, not sure if we can remove that from Tumbleweed since netavark would
> default to nftables.
A conditional require on nftables doesn't sound too bad iff we can ascertain
that openSUSE has nftables (I'm still a little skeptical)

> Dasnish, can we move the module load config to CNI and netavark packages?
> Either package installed would ensure it is being loaded. Or does Podman
> need iptables for something else?
I'm unsure if podman needs it for anything other than CNI, but I was
referencing podman's upstream rpm spec, which seems to load ip* modules. I'll
check with upstream if there's any other reason to do so.

[1] - https://www.suse.com/support/kb/doc/?id=000020643
[2] - https://progress.opensuse.org/news/112