What should be the default `iptables` command backend? The existence of package "iptables-backend-nft" and its description imply that by default it should use the legacy iptables backend ("xtables-legacy-multi" binary). But from what I can see, even without having iptables-backend-nft installed, here's what I have:
alts -l iptables Binary: iptables Alternatives: 2 Priority: 1 Target: /usr/sbin/xtables-legacy-multi Group: ip6tables, ip6tables-restore, ip6tables-save, iptables, iptables-restore, iptables-save Priority: 2* Target: /usr/sbin/xtables-nft-multi Group: ip6tables, ip6tables-restore, ip6tables-save, iptables, iptables-restore, iptables-save /usr/sbin/iptables -V iptables v1.8.7 (nf_tables)
I think that means it uses nftables. Is it intentional, or an error in transition to libalternatives?
On Sat, 2021-12-25 at 23:23 +0100, Adam Mizerski wrote:
What should be the default `iptables` command backend? The existence of package "iptables-backend-nft" and its description imply that by default it should use the legacy iptables backend ("xtables-legacy-multi" binary).
But from what I can see, even without having iptables-backend-nft installed, here's what I have:
> alts -l iptables Binary: iptables Alternatives: 2 Priority: 1 Target: /usr/sbin/xtables-legacy-multi Group: ip6tables, ip6tables-restore, ip6tables- save, iptables, iptables-restore, iptables-save Priority: 2* Target: /usr/sbin/xtables-nft-multi Group: ip6tables, ip6tables-restore, ip6tables- save, iptables, iptables-restore, iptables-save > /usr/sbin/iptables -V iptables v1.8.7 (nf_tables)
I think that means it uses nftables. Is it intentional, or an error in transition to libalternatives?
I have just looked at the spec file and iptables-backend-nft provides the same files as the main package. This could definitely be a bug, I'll check if it there is any reason to have it like that. Thanks for reporting! -- Best Regards, Danilo Spinella
participants (2)
-
Adam Mizerski -
Danilo Spinella