[pkg-lxc-devel] Bug#952520: lxc-net: native nftables support

Santiago R.R. santiagorr at riseup.net
Tue Feb 25 09:40:12 GMT 2020


Source: lxc
Version: 1:3.1.0+really3.0.4-2
Severity: wishlist
Tags: upstream

Since 0.9.1-3 [1], nftables' priority has been bumped up to important,
remplacing iptables as default netfilter admin tool.

[1] https://tracker.debian.org/news/1054941/accepted-nftables-091-3-source-into-unstable/

Currently, /usr/libexec/lxc/lxc-net relies on iptables, and it would be
nice if it could natively manage the rules using nft.

Cheers,

 -- S

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8), LANGUAGE=es_CO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20200225/41b96a0a/attachment.sig>


More information about the Pkg-lxc-devel mailing list