Hello, I have a homelab with a bunch of rocky vms where I use the elrepo kernel-ml kernel, noticed this morning an error with the xt_mark module, saying it doesn't recognize the --xor-mark option ... E1018 15:18:11.083644 1 proxier.go:1432] "Failed to execute iptables-restore" err=< exit status 2: Warning: Extension MARK revision 0 not supported, missing kernel module? ip6tables-restore v1.8.8 (nf_tables): unknown option "--xor-mark" Error occurred at line: 11 Try `ip6tables-restore -h' or 'ip6tables-restore --help' for more information. I think it has to do with this commit but I could be terribly wrong: ... netfilter: xtables: avoid NFPROTO_UNSPEC where needed [ Upstream commit 0bfcb7b71e735560077a42847f69597ec7dcc326 ] ... It's only those two newest kernels with that commit, if I revert back to the prior version, the application (kube-proxy for kubernetes) operates correctly.
