nft is a replacement for iptables, and some distributions (e.g. Debian) prefer using nft since it is more capable and advanced.
I think it is important to use nft first if it is installed on the system, then fallback to iptables; rather than in the opposite order. I suggest that it is better to modify the patch to support iptables just in case nft is not pre-installed on some distros. Best regards On Mon, Dec 9, 2019 at 6:59 PM Jörg Thalheim <[email protected]> wrote: > > > Have you tried if iptables-nftables-compat (might have different names, > depending distribution) works for the rules used in wg-quick? > Its a wrapper that translate iptables rules to nft transparently > by providing a iptables executable. > > > Julian Wollrath <[email protected]> writes: > > > Hi, > > > > with the newest snapshot wg-quick unfortunately requires iptables while > > I only have nftables installed. The attached diff handles the rules > > with nftables instead, maybe somebody finds it useful. The small caveat > > is, that the rule deletion might not work for everyone. > > > > > > Cheers, > > Julian > > _______________________________________________ > WireGuard mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/wireguard _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
