Page 2 of 2

Re: Debian 10 "Buster"

Posted: 17 Jul 2019, 03:23
by fredrikj
MouettE wrote:
16 Jul 2019, 21:44
I've compiled a new version with the missing nftables modules. Let me know how it goes...
It works! With the new kernel /etc/nftables.conf loaded without errors and my wifi and lan traffic is now masqueraded by nftables as they previously were with iptables. Thank you.

For the record, heres how I migrated from legacy iptabes to nftables.

CAVEAT EMPTOR! I'm a complete nftables newbie. Do not blindly copy commands from the internet. If^H^Hwhen something breaks you get to keep both pieces. No refunds!

• install the nftables package
• use the following command to convert your current iptables rules to nftables format.

Code: Select all

iptables-save | iptables-restore-translate -f /dev/stdin
• verify that the generated nftables rules seems reasonable.
• add the output from the command to the file /etc/nftables.conf
• remove all currently active iptables rules, ie iptables -F.
• load the nftables rules, ie systemctl start nftables.
• verify that it works as expected.
• remove whatever script you used to load iptables rules.

Re: Debian 10 "Buster"

Posted: 18 Jul 2019, 15:25
by MouettE
The new kernel is now in the repository.

Thanks for your return !