Hi Pablo, On Wed, Aug 15, 2018 at 12:17:28PM +0200, Pablo Neira Ayuso wrote: > On Tue, Aug 14, 2018 at 08:16:11PM +0200, Phil Sutter wrote: > > Hi Arturo, > > > > I see that in your commit[1] you explicitly disable policy setting for > > user-defined ebtables chains. Is this because ebtables-nft can't support > > them or was it a design decision? I'm asking because it leads to > > unexpected results for people using ebtables-nft as a drop-in > > replacement of the legacy ebtables tool. > > Kernel side currently doesn't support default policy for non-base > chains, we would need a patch to support this.
I see. Thanks for the clarification! Eric, can we get by without this (yet another) ebtables quirk or is it mandatory for firewalld functionality? Cheers, Phil
