[arch-dev-public] Dropping arptables/ebtables

David Runge dave at sleepmap.de
Fri Dec 11 11:05:23 UTC 2020

On 2020-12-11 10:28:27 (+0100), Sébastien Luttringer via arch-dev-public wrote:
> I would like stop maintaining arptables and ebtables and drop them in
> [unsupported].
> The future in the linux kernel is clearly nftables and keeping them in the
> repository present is of little interest these days.
> ebtables is still an hard dependency on others packages, but the iptables-nft
> package ship a remplacement based on nftables. I have not tested the
> compatibility, so if someone think it's not possible, please let me know.

I believe kubelet does not work with nftables (yet). There needs to be
testing for this.
It seems lxd is also affected.

> If you have spare time, I suggest you take a look at the nftable package and
> become a master in nft-fu. It is much more convenient and efficient than the
> iptables / ipset / ebtables / arptables solution. For the less enthusiastic
> about the command line, firewalld has an nftables backend.

I agree. I have been using it on all of my machines for quite some time.
Especially in the last two years the upstream wiki documentation has
also improved significantly.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20201211/8bab264b/attachment.sig>

More information about the arch-dev-public mailing list