Bug#952520: lxc-net: native nftables support

[Pierre-Elliott Bécue]

Le mardi 25 février 2020 à 10:40:12+0100, Santiago R.R. a écrit :
> Source: lxc
> Version: 1:3.1.0+really3.0.4-2
> Severity: wishlist
> Tags: upstream
> 
> Since 0.9.1-3 [1], nftables' priority has been bumped up to important,
> remplacing iptables as default netfilter admin tool.
> 
> [1] 
> https://tracker.debian.org/news/1054941/accepted-nftables-091-3-source-into-unstable/
> 
> Currently, /usr/libexec/lxc/lxc-net relies on iptables, and it would be
> nice if it could natively manage the rules using nft.

Thanks for your email.

Have you considered bringing this on upstream's github repository?

Cheers!

-- 
Pierre-Elliott Bécue
GPG: 9AE0 4D98 6400 E3B6 7528  F493 0D44 2664 1949 74E2
It's far easier to fight for one's principles than to live up to them.


signature.asc
Description: PGP signature

Bug#952520: lxc-net: native nftables support

[Santiago R.R.]

Source: lxc
Version: 1:3.1.0+really3.0.4-2
Severity: wishlist
Tags: upstream

Since 0.9.1-3 [1], nftables' priority has been bumped up to important,
remplacing iptables as default netfilter admin tool.

[1] 
https://tracker.debian.org/news/1054941/accepted-nftables-091-3-source-into-unstable/

Currently, /usr/libexec/lxc/lxc-net relies on iptables, and it would be
nice if it could natively manage the rules using nft.

Cheers,

 -- S

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8), 
LANGUAGE=es_CO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled


signature.asc
Description: PGP signature