On 11/16/18 1:18 PM, Amos Jeffries wrote: > My kernel version is 3.16.0-4-amd64. >
This kernel is very very old. First thing to do is to upgrade your kernel to something modern. Is not related to the hardware. Both x_tables and nf_tables kernel subsystem received severe updates since 3.16. By mixing modern userspace components with old kernelside modules you are exposed to severe limitations to say the least. > > The main problem as I see it is that the packaging switched straight to > the -nft versions without sufficient checking that it was not breaking > the system by doing so. Surely there are tests that can be done on > install to select the auto/default flavour better? > I don't have time to work on such magic migration mechanisms. But as I said, your issue is not with iptables-nft or nftables itself. You are using a very old kernel which won't work. thanks!
