From: Michael Tremer Date: Sun, 18 Jan 2026 12:24:59 +0000 (+0000) Subject: Revert "iptables: Migrate towards nftables" X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eac7c0c2931fa1b6e085e22f5219d55b8b918627;p=ipfire-2.x.git Revert "iptables: Migrate towards nftables" This reverts commit 73dac3a63e37605d4145479bb43b4761a4e26575. Signed-off-by: Michael Tremer --- diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables index fa4ecefed..06e4ab7b4 100644 --- a/config/rootfiles/common/iptables +++ b/config/rootfiles/common/iptables @@ -1,4 +1,3 @@ -etc/ethertypes #lib/libip4tc.la lib/libip4tc.so lib/libip4tc.so.2 @@ -16,23 +15,6 @@ lib/libxtables.so lib/libxtables.so.12 lib/libxtables.so.12.7.0 #lib/xtables -lib/xtables/libarpt_mangle.so -lib/xtables/libebt_802_3.so -lib/xtables/libebt_among.so -lib/xtables/libebt_arp.so -lib/xtables/libebt_arpreply.so -lib/xtables/libebt_dnat.so -lib/xtables/libebt_ip.so -lib/xtables/libebt_ip6.so -lib/xtables/libebt_log.so -lib/xtables/libebt_mark.so -lib/xtables/libebt_mark_m.so -lib/xtables/libebt_nflog.so -lib/xtables/libebt_pkttype.so -lib/xtables/libebt_redirect.so -lib/xtables/libebt_snat.so -lib/xtables/libebt_stp.so -lib/xtables/libebt_vlan.so lib/xtables/libip6t_DNPT.so lib/xtables/libip6t_HL.so lib/xtables/libip6t_NETMAP.so @@ -139,49 +121,23 @@ lib/xtables/libxt_time.so lib/xtables/libxt_tos.so lib/xtables/libxt_u32.so lib/xtables/libxt_udp.so -sbin/arptables -#sbin/arptables-nft -#sbin/arptables-nft-restore -#sbin/arptables-nft-save -sbin/arptables-restore -sbin/arptables-save -#sbin/arptables-translate -sbin/ebtables -#sbin/ebtables-nft -#sbin/ebtables-nft-restore -#sbin/ebtables-nft-save -sbin/ebtables-restore -sbin/ebtables-save -#sbin/ebtables-translate sbin/ip6tables sbin/ip6tables-apply #sbin/ip6tables-legacy #sbin/ip6tables-legacy-restore #sbin/ip6tables-legacy-save -#sbin/ip6tables-nft -#sbin/ip6tables-nft-restore -#sbin/ip6tables-nft-save sbin/ip6tables-restore -#sbin/ip6tables-restore-translate sbin/ip6tables-save -#sbin/ip6tables-translate sbin/iptables sbin/iptables-apply #sbin/iptables-legacy #sbin/iptables-legacy-restore #sbin/iptables-legacy-save -#sbin/iptables-nft -#sbin/iptables-nft-restore -#sbin/iptables-nft-save sbin/iptables-restore -#sbin/iptables-restore-translate sbin/iptables-save -#sbin/iptables-translate sbin/iptables-xml #sbin/nfnl_osf -#sbin/xtables-legacy-multi -sbin/xtables-monitor -sbin/xtables-nft-multi +sbin/xtables-legacy-multi #usr/include/libipq.h #usr/include/libiptc #usr/include/libiptc/ipt_kernel_headers.h @@ -208,30 +164,16 @@ sbin/xtables-nft-multi #usr/share/man/man3/ipq_set_mode.3 #usr/share/man/man3/ipq_set_verdict.3 #usr/share/man/man3/libipq.3 -#usr/share/man/man8/arptables-nft-restore.8 -#usr/share/man/man8/arptables-nft-save.8 -#usr/share/man/man8/arptables-nft.8 -#usr/share/man/man8/arptables-translate.8 -#usr/share/man/man8/ebtables-nft.8 -#usr/share/man/man8/ebtables-translate.8 #usr/share/man/man8/ip6tables-apply.8 -#usr/share/man/man8/ip6tables-restore-translate.8 #usr/share/man/man8/ip6tables-restore.8 #usr/share/man/man8/ip6tables-save.8 -#usr/share/man/man8/ip6tables-translate.8 #usr/share/man/man8/ip6tables.8 #usr/share/man/man8/iptables-apply.8 #usr/share/man/man8/iptables-extensions.8 -#usr/share/man/man8/iptables-restore-translate.8 #usr/share/man/man8/iptables-restore.8 #usr/share/man/man8/iptables-save.8 -#usr/share/man/man8/iptables-translate.8 #usr/share/man/man8/iptables.8 #usr/share/man/man8/nfnl_osf.8 -#usr/share/man/man8/xtables-legacy.8 -#usr/share/man/man8/xtables-monitor.8 -#usr/share/man/man8/xtables-nft.8 -#usr/share/man/man8/xtables-translate.8 #usr/share/xtables usr/share/xtables/iptables.xslt usr/share/xtables/pf.os diff --git a/lfs/iptables b/lfs/iptables index 069813733..e8c4069d6 100644 --- a/lfs/iptables +++ b/lfs/iptables @@ -89,15 +89,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --bindir=/sbin \ --sbindir=/sbin \ --mandir=/usr/share/man \ - --sysconfdir=/etc \ - --enable-nftables \ + --disable-nftables \ --with-pkgconfigdir=/usr/lib/pkgconfig cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install - # Use iptables-nft by default - ln -svf xtables-nft-multi /sbin/iptables - @rm -rf $(DIR_APP) $(DIR_SRC)/netfilter-layer7* @$(POSTBUILD)