Thanks. But I'm using recent match. I can't switch to nftables if recent match is not supported yet... Emilio Augusto Lazo Zaia On 3/10/20 8:58 a. m., Reindl Harald wrote: > > Am 03.10.20 um 07:40 schrieb Emilio Augusto Lazo Zaia: >> When is supposed to be dropped the iptables support in Linux kernel in favor of nft? Currently I'm using iptables in many servers! > in 99% of all cases with a recent distribution you can just switch to > iptables-nft and are done > > at boot (it can restore iptables-legacy rules): > /usr/sbin/iptables-nft-restore /etc/sysconfig/iptables > > after that: > alternatives --config iptables > alternatives --config arptables > alternatives --config ebtables > > switch to nft backend and now your well known "iptables" commands will > use the "nft" backend behind the scenes > > done that months ago on all Fedora 31 servers here while iptables-nft is > the default starting with Fedora 32 > >
