On Fri, Feb 15, 2019 at 11:25:36PM +0000, chillfan--- via Dng wrote: > Of the most stupid thing to happen over an upgrade.. Debian have forcibly > broken a security feature. Which is to say, don't expect your firewall to > still be functioning when you upgrade to Buster. And expect it to cause > network failure. > > Short story, I upgraded an ascii system to Beowulf since Buster is now > entering soft freeze if Debian have kept to their timetable. But surprise of > all surprises, my network isn't working. > > Why? Because I restore my _iptables_ rules when bringing up interfaces. > Apparently you must now use nftables and this was causing the ifupdown > scripts to fail failure because the if-up script returns a failure. > > As far as I can see iptables is now called 'iptables-legacy' and 'iptables' > actually uses nft. But btw, iptables is not deprecated in the kernel at all. > > nft is very counter intuitive and nowhere near as simple as iptables, > actually I'd need a day off and then some to learn it. Before someone thinks > it it yes I know about the conversion tool but that's useless when you know > something sucks and you just don't want it to begin with. >
chillfan, I have several beowulf machines and all use iptables, and none of them has had that issue. Maybe I have not apt-get updated recently. Could it just be a quirk of if-up? Shall we try to track the issue down? On another note: before a useless ranftul flame gets started, please note that as chillfan said iptables is not going away from the Linux kernel. My2Cents KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ]
signature.asc
Description: PGP signature
_______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
