On 2020-12-11 10:28:27 (+0100), Sébastien Luttringer via arch-dev-public wrote: > I would like stop maintaining arptables and ebtables and drop them in > [unsupported]. > The future in the linux kernel is clearly nftables and keeping them in the > repository present is of little interest these days. > > ebtables is still an hard dependency on others packages, but the iptables-nft > package ship a remplacement based on nftables. I have not tested the > compatibility, so if someone think it's not possible, please let me know.
I believe kubelet does not work with nftables (yet). There needs to be testing for this. It seems lxd is also affected. > If you have spare time, I suggest you take a look at the nftable package and > become a master in nft-fu. It is much more convenient and efficient than the > iptables / ipset / ebtables / arptables solution. For the less enthusiastic > about the command line, firewalld has an nftables backend. I agree. I have been using it on all of my machines for quite some time. Especially in the last two years the upstream wiki documentation has also improved significantly. Best, David -- https://sleepmap.de
signature.asc
Description: PGP signature