New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable nftables support in kernel / module #1421

Closed
felixsanz opened this Issue Jun 23, 2016 · 7 comments

Comments

Projects
None yet
6 participants
@felixsanz

Issue Report

Feature Request

nf_tables module or kernel support for nftables.

Environment

All

Desired Feature

nftables

Other Information

Reproduce in toolbox:

  1. dnf install nftables
  2. nft -f /etc/nftables/ipv4-filter # Error

Check:

modprobe nf_tables
modprobe: FATAL: Module nf_tables not found.
@TerraTech

This comment has been minimized.

Show comment
Hide comment
@TerraTech

TerraTech Oct 30, 2016

@crawford would this include the 'nft' binary in addition to enabling it in the kernel?

@crawford would this include the 'nft' binary in addition to enabling it in the kernel?

@crawford

This comment has been minimized.

Show comment
Hide comment
@crawford

crawford Nov 1, 2016

Member

We could probably include nft, but I'm not certain yet.

Member

crawford commented Nov 1, 2016

We could probably include nft, but I'm not certain yet.

@sanmai-NL

This comment has been minimized.

Show comment
Hide comment
@sanmai-NL

sanmai-NL May 26, 2017

@crawford: What factors hold this up or need to be cleared up?

@crawford: What factors hold this up or need to be cleared up?

@crawford

This comment has been minimized.

Show comment
Hide comment
@crawford

crawford Jun 2, 2017

Member

We just need to take a look at the nft binary and make sure it's not doing anything crazy. It's very unlikely that anything will come up, but we have to take a look (and haven't had time yet).

Member

crawford commented Jun 2, 2017

We just need to take a look at the nft binary and make sure it's not doing anything crazy. It's very unlikely that anything will come up, but we have to take a look (and haven't had time yet).

@sanmai-NL

This comment has been minimized.

Show comment
Hide comment
@sanmai-NL

sanmai-NL Jul 12, 2017

@crawford: can anyone help you with this process?

@crawford: can anyone help you with this process?

@crawford

This comment has been minimized.

Show comment
Hide comment
Member

crawford commented Jul 12, 2017

@bgilbert

This comment has been minimized.

Show comment
Hide comment
@bgilbert

bgilbert Jul 26, 2017

Member

This is done in coreos/coreos-overlay#2662 and should be included in 1492.0.0. For now, we'll be shipping the nft binary and the default rulesets (the latter in /usr/share/nftables) but no automation to save rules at shutdown or restore them at startup.

Member

bgilbert commented Jul 26, 2017

This is done in coreos/coreos-overlay#2662 and should be included in 1492.0.0. For now, we'll be shipping the nft binary and the default rulesets (the latter in /usr/share/nftables) but no automation to save rules at shutdown or restore them at startup.

@bgilbert bgilbert closed this Jul 26, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment