Package: nftables Version: 1.0.6-2 Severity: normal X-Debbugs-Cc: moonexi...@gmail.com
Dear Maintainer, When I use proxy softwares which need iptables to work, I notice that Debian has decided to use nftables as its default firewalling framework, and Debian Wiki (https://wiki.debian.org/nftables, which I think is somewhat outdated) points out that nftables is the backends when using iptables and lists switching methods (which is unusable when I only have nftables installed). I find the proxy software which directly embeds 'iptables' command can't launch normally, 'iptables' command doesnot actually exist. Although /sbin/nft is usable. I think this stuation is abnormal. What I originally thought is that nftables provides iptables alternatives in /etc/alternatives, registering automatically when `iptables` package is not installed (a similiar Debian case is neovim and vim), so that progarms can use iptables in shell command. I'm not sure if I am right. I also notice that *-lagacy and *-nft tools are both included in Debian iptables package, and iptables provides an iptables alternative rule. nftables just has /sbin/nft. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages nftables depends on: ii libc6 2.36-8 ii libedit2 3.1-20221030-2 ii libnftables1 1.0.6-2 Versions of packages nftables recommends: ii netbase 6.4 Versions of packages nftables suggests: pn firewalld <none> -- no debconf information