Re: Question regarding iptables-nftables compatibility layer with libiptc

Thanks, should have read the FAQ before asking...

Is there a clean way to notify a kernel module whenever an iptables
rule changes (e.g. without nftables / in kernels <3.13)?

Best Regards,

Tomer

On Mon, Dec 15, 2014 at 5:01 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Mon, Dec 15, 2014 at 04:33:59PM +0200, Tomer Eliyahu wrote:
>> Hi,
>>
>> Regarding applications which use libiptc directly, such as openwrt's
>> firewall package - does the iptables-nftables compatibility layer
>> support translating libiptc calls to nftables calls?
>
> No.
>
>> If not - is there any plan to add such support or should every such
>> application be upgraded for nftables support?
>
> No plans to support that. Unfortunately that library was not ever
> intended to be a public library:
>
> http://www.netfilter.org/documentation/FAQ/netfilter-faq-4.html#ss4.5
>
> The official public interface so far is iptables-restore.