The nat fiddles are not visible inside the container network namespace. Thus I am wondering if there is an odd interaction between namespace, nftables based iptables vs legacy iptables. I.e. whilst the host is configured using legacy iptables, maybe the lxd guests must be using legacy iptables too.
I'll experiment to see if forcing to simply only use iptables-legacy inside the lxd guest is good enough for now. Despite the hosts getting upgraded to bionic. Cause it's only groovy that started to use nftables based iptables. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1917920 Title: magic-proxy broke with iptables 1.8.7-1ubuntu2 To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad-buildd/+bug/1917920/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
