Thomas Groman via Dng wrote: > I upgraded one of my larger and more complex servers from ASCII to > Beowulf. Switching to NFT was very easy after the upgrade. Just create > the rules, (have flush have the beginning), remove the iptables > if-pre-up hook if you made one, copy the example init script from > /usr/share/doc/nftables/example, set it executable, and rc-update add > nftables default. then openrc to bring the system to the new defined > default runlevel
I upgraded to beowulf without reading the changes and was mystified that my self-written firewall scripts as well as others such as ufw and arno firewall stopped working. What was necessary to fix them was to create a link /etc/alternatives/iptables to /usr/sbin/iptables-legacy. Have fun (and working firewalls) -- Joel Roth _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
