Package: iptables
Version: 1.4.21-2+b1
Severity: wishlist
Tags: upstream

Dear maintainer,

the Netfilter project is releasing iptables 1.6.0 upstream. At the time of this bug report, the git history shows the commit, but the final tarball doesn't seem to be released yet.

This new release comes with big changes, the main one being the compatibility stuff for nftables. Please note that users are not meant to mix iptables & nftables rulesets, so enabling the compat layer will be a big step. Among other things, it will mean that iptables users will no longer be using the iptables kernel modules, but the nf_tables subsystem.

From my point of view, this has to be carefully thought out for Debian stretch.

The compat layer included in the iptables tarball includes replacements for all Netfilter families:

* ebtables
* arptables
* iptables
* ip6tables

Some of them are currently provided in different source packages.

To build the nftables compat tools you will need libnftnl as build-dep.

So, this is likely a big transition in Debian. Please, let me know if you need any help. Further discussion welcome.

best regards.