[pkg-netfilter-team] Bug#1031347: nftables: Possibly missing iptables alternatives provider

[Zhian Chen]

Package: nftables
Version: 1.0.6-2
Severity: normal
X-Debbugs-Cc: moonexiler at gmail.com

Dear Maintainer,

When I use proxy softwares which need iptables to work, I notice that
Debian has decided to use nftables as its default firewalling framework,
and Debian Wiki (https://wiki.debian.org/nftables, which I think is
somewhat outdated) points out that nftables is the backends when using
iptables and lists switching methods (which is unusable when I only
have nftables installed).

I find the proxy software which directly embeds 'iptables' command can't 
launch normally, 'iptables' command doesnot actually exist. Although 
/sbin/nft is usable.

I think this stuation is abnormal. What I originally thought is that
nftables provides iptables alternatives in /etc/alternatives,
registering automatically when `iptables` package is not installed (a
similiar Debian case is neovim and vim), so that progarms can use iptables in
shell command.

I'm not sure if I am right. I also notice that *-lagacy and *-nft tools
are both included in Debian iptables package, and iptables provides an
iptables alternative rule. nftables just has /sbin/nft.


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages nftables depends on:
ii  libc6         2.36-8
ii  libedit2      3.1-20221030-2
ii  libnftables1  1.0.6-2

Versions of packages nftables recommends:
ii  netbase  6.4

Versions of packages nftables suggests:
pn  firewalld  <none>

-- no debconf information