Control: reopen -1 On Thu, Oct 23, 2025 at 08:21:43PM +0200, Ben Hutchings wrote: > There was an intentional change upstream: there is a new symbol > CONFIG_NETFILTER_XTABLES_LEGACY that iptables etc. depend on, and it is > off by default. But we certainly shouldn't break libvirt, so I think we > need to turn that back on for now.
And this problem is actually unrelated. We don't actually set NETFILTER_XT_TARGET_MASQUERADE in our config. So it ends up disabled as we also override the default selection with NETFILTER_ADVANCED=y. | % git grep -E 'NETFILTER_ADVANCED|NETFILTER_XT_TARGET_MASQUERADE' | debian/config/config:CONFIG_NETFILTER_ADVANCED=y | % Bastian -- Mind your own business, Spock. I'm sick of your halfbreed interference.
