Hi! First of all, thanks for your work on libvirt, it is highly appreciated! When I wanted to create a new VM using virt-manager on my Debian Testing machine yesterday, I ran into the following problem: ~# virsh net-list --all Name State Autostart Persistent ---------------------------------------------- default inactive yes yes ~# virsh net-start default error: Failed to start network default error: internal error: Failed to apply firewall rules /usr/sbin/iptables --table filter --list-rules: iptables v1.8.6 (nf_tables): table `filter' is incompatible, use 'nft' tool. It turns out the Debian package for iptables includes two versions of iptables: iptables-nft and iptables-legacy. It looks like iptables-nft has been the default in Debian for a while, which led to the error above. After setting iptables-legacy to be the default and restarting the libvirtd service, everything worked as expected. But it did make me wonder, are there any plans to add a backend for nftables? Thanks, Aljoscha
