Hi Arturo, On Wed, Sep 30, 2020 at 11:58:52AM +0200, Arturo Borrero Gonzalez wrote: > I discovered my openstack neutron linuxbridge-agent malfunctioning when using > iptables-nft and it seems this ruleset is causing the issue: The problem is the '-' policy in builtin chains. Maybe I broke that a while ago. I tried to come up with a fix, but it seems iptables-legacy-restore is a bit quirky: it leaves the chain's policy untouched, although --noflush was not given. Implementing this is a bit problematic with how iptables-nft does the caching. Cheers, Phil
