Your message dated Wed, 15 Feb 2023 18:14:53 +0100
with message-id
<cafnm+rpwas8pcloclz-08pbpe1wksymz6ac_aov9lbbvrkv...@mail.gmail.com>
and subject line Re: [pkg-netfilter-team] Bug#1031347: Additional Information #2
has caused the Debian Bug report #1031347,
regarding nftables: Possibly missing iptables alternatives provider
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1031347: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031347
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: nftables
Version: 1.0.6-2
Severity: normal
X-Debbugs-Cc: [email protected]
Dear Maintainer,
When I use proxy softwares which need iptables to work, I notice that
Debian has decided to use nftables as its default firewalling framework,
and Debian Wiki (https://wiki.debian.org/nftables, which I think is
somewhat outdated) points out that nftables is the backends when using
iptables and lists switching methods (which is unusable when I only
have nftables installed).
I find the proxy software which directly embeds 'iptables' command can't
launch normally, 'iptables' command doesnot actually exist. Although
/sbin/nft is usable.
I think this stuation is abnormal. What I originally thought is that
nftables provides iptables alternatives in /etc/alternatives,
registering automatically when `iptables` package is not installed (a
similiar Debian case is neovim and vim), so that progarms can use iptables in
shell command.
I'm not sure if I am right. I also notice that *-lagacy and *-nft tools
are both included in Debian iptables package, and iptables provides an
iptables alternative rule. nftables just has /sbin/nft.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages nftables depends on:
ii libc6 2.36-8
ii libedit2 3.1-20221030-2
ii libnftables1 1.0.6-2
Versions of packages nftables recommends:
ii netbase 6.4
Versions of packages nftables suggests:
pn firewalld <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi,
No worries!
Thanks for your comments and additional information provided. I think
the conclusion is correct, in this case you need to install the
iptables package that is not installed by default.
Closing the bug.
Alberto
--- End Message ---
