chillfan--- via Dng wrote on 16/2/19 10:25 am: > Of the most stupid thing to happen over an upgrade.. Debian have forcibly > broken a security feature. Which is to say, don't expect your firewall to > still be functioning when you upgrade to Buster. And expect it to cause > network failure. > > Short story, I upgraded an ascii system to Beowulf since Buster is now > entering soft freeze if Debian have kept to their timetable. But surprise of > all surprises, my network isn't working. > > Why? Because I restore my _iptables_ rules when bringing up interfaces. > Apparently you must now use nftables and this was causing the ifupdown > scripts to fail failure because the if-up script returns a failure. > > As far as I can see iptables is now called 'iptables-legacy' and 'iptables' > actually uses nft. But btw, iptables is not deprecated in the kernel at all. > > nft is very counter intuitive and nowhere near as simple as iptables, > actually I'd need a day off and then some to learn it. Before someone thinks > it it yes I know about the conversion tool but that's useless when you know > something sucks and you just don't want it to begin with.
I'm also(?) an iptables addict. But here's a related article https://lwn.net/Articles/747551 Ralph. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
