Adding an nftables backend in addition to iptables?
Laine Stump
laine at redhat.com
Tue Jan 12 04:45:58 UTC 2021
On 1/11/21 1:55 PM, Aljoscha Lautenbach wrote:
> Hi,
>
> sorry for the noise, I just want to follow up with the solution in
> case someone else runs into this problem and finds this thread.
>
> It turns out this is not a bug, but intended behaviour by iptables: If
> you have used nft to create the same tables that iptables uses,
> iptables-nft refuses to work with those. At some point I converted my
> iptables rules to nft rules using "iptables-translate", which ends up
> using the same namespace. In other words, the solution was to rename
> the tables in my firewall rules.
Interesting! Thanks so much for taking the often-forgotten step of
getting back to us with the new information! It will make it much easier
to deal with the next time someone reports the same problem.
>
> Once again, thanks for your work on libvir! :)
>
> Best regards,
> Aljoscha
>
More information about the libvir-list
mailing list