Hi
The Debian Kernel team decided to deprecate and remove support for the
legacy interfaces used by iptables, arptables and ebtables from the
kernel. The replacement nftables compatibility layer was introduced
around 2016. It is finally time to try and get rid of the legacy
interfaces, which are now disabled by default in the kernel.
Our plan is to drop usage in all packages and the binaries for forky.
We will then go and remove the kernel support itself after the release
of forky. So in forky, using legacy iptables will still work, but
Debian will not provide any support and consider it deprecated.
There are some packages that hardcode the use of iptables-legacy. In
those cases just using the non-legacy counterparts should work. It just
needs a reboot to get rid of the old incompatible rules loaded into the
kernel.
Bastian
--
There are always alternatives.
-- Spock, "The Galileo Seven", stardate 2822.3
Adrian Vondendriesch <[email protected]>
resource-agents (U)
Alberto Molina Coballes <[email protected]>
arptables (U)
ebtables (U)
iptables (U)
Arnaud Rebillout <[email protected]>
docker.io (U)
Arturo Borrero Gonzalez <[email protected]>
iptables (U)
Axel Beckert <[email protected]>
iptables-netflow
Cyril Brulebois <[email protected]>
crowdsec-firewall-bouncer (U)
Debian Edu Developers <[email protected]>
debian-edu-router
Debian Go Packaging Team <[email protected]>
crowdsec-firewall-bouncer
docker.io
golang-github-containerd-stargz-snapshotter
golang-github-containernetworking-plugins
golang-gvisor-gvisor
incus
Debian HA Maintainers <[email protected]>
resource-agents
Debian Netfilter Packaging Team <[email protected]>
arptables
ebtables
iptables
Debian Netfilter Packaging Team <[email protected]>
arptables
iptables
Debian OpenStack <[email protected]>
neutron
nova
openstack-cluster-installer
Dmitry Smirnov <[email protected]>
docker.io (U)
golang-github-containernetworking-plugins (U)
Free Ekanayaka <[email protected]>
incus (U)
gustavo panizzo <[email protected]>
nova (U)
Gustavo Panizzo <[email protected]>
neutron (U)
Ivan Udovichenko <[email protected]>
neutron (U)
Jamie Bliss <[email protected]>
golang-github-containernetworking-plugins (U)
Jamie Strandboge <[email protected]>
ufw
Jeremy Sowden <[email protected]>
arptables (U)
ebtables (U)
iptables (U)
Jeremy Sowden <[email protected]>
ebtables (U)
Jerome Benoit <[email protected]>
firehol
John Goerzen <[email protected]>
golang-gvisor-gvisor (U)
Laurence J. Lane <[email protected]>
iptables (U)
Mathias Gibbens <[email protected]>
incus (U)
lxc-ci (U)
Michal Arbet <[email protected]>
neutron (U)
nova (U)
Mike Gabriel <[email protected]>
debian-edu-router (U)
uif
Nicolas Braud-Santoni <[email protected]>
golang-github-containernetworking-plugins (U)
Paul Tagliamonte <[email protected]>
docker.io (U)
pkg-lxc <[email protected]>
lxc-ci
Puppet Package Maintainers <[email protected]>
puppet-module-puppetlabs-firewall
Reinhard Tartler <[email protected]>
docker.io (U)
golang-github-containerd-stargz-snapshotter (U)
Sebastien Badia <[email protected]>
puppet-module-puppetlabs-firewall (U)
Shengjing Zhu <[email protected]>
golang-gvisor-gvisor (U)
Stig Sandbeck Mathisen <[email protected]>
puppet-module-puppetlabs-firewall (U)
strongSwan Maintainers <[email protected]>
strongswan
Thomas Goirand <[email protected]>
neutron (U)
nova (U)
openstack-cluster-installer (U)
Tianon Gravi <[email protected]>
docker.io (U)
Tim Potter <[email protected]>
docker.io (U)
Valentin Vidic <[email protected]>
resource-agents (U)
Vincent Bernat <[email protected]>
keepalived
Ying-Chun Liu (PaulLiu) <[email protected]>
android-cuttlefish
Yves-Alexis Perez <[email protected]>
strongswan (U)
