kernel 6.17 introduced a new option [code]CONFIG_NETFILTER_XTABLES_LEGACY[/code]. When it's not enabled, it will turn off the old options for IPTABLES_LEGACY.
This is a problem because the archlinux base install includes [code]iptables[/code] (i.e. "iptables-legacy") which relies on the legacy interface from the kernel.
One way to overcome this compatibility problem is to install [code]iptables-nft[/code] instead.
Another option is to enable the new [code]CONFIG_NETFILTER_XTABLES_LEGACY[/code] in the kernel package so the legacy IPTABLES_LEGACY options remain enabled.
@graysky2, should we just keep supporting the IPTABLES_LEGACY so users don't have to switch over to iptables-nft?
linux-aarch64-rc 6.17.rc1-1 and iptables compatibility
2 posts
• Page 1 of 1
linux-aarch64-rc 6.17.rc1-1 and iptables compatibility
by hyke » Tue Aug 12, 2025 3:11 am
Raspberry Pi 3 Model B Rev 1.2|Raspberry Pi Zero 2 W Rev 1.0|Hardkernel ODROID-HC4|Orange Pi 5|Orange Pi 5 Max
linux-rpi|linux-rpi|linux-aarch64|linux-opi5|linux-collabora:aarch64
linux-rpi|linux-rpi|linux-aarch64|linux-opi5|linux-collabora:aarch64
- hyke
- Posts: 22
- Joined: Sun Nov 10, 2013 2:26 am
Re: linux-aarch64-rc 6.17.rc1-1 and iptables compatibility
by graysky » Tue Aug 19, 2025 8:15 am
Let's see what Arch upstream does when 6.17 goes gold. For now I enabled it and the corresponding modules, see:make_clickable_callback(MAGIC_URL_FULL, ' ', 'https://github.com/archlinuxarm/PKGBUILDs/commit/38633d2ad82975f57c87eaba6900241bd9513d07', '', ' class="postlink"')
- graysky
- Developer
- Posts: 1878
- Joined: Sun Jun 26, 2011 6:56 am
- Location: /run/user/1000
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 60 guests