3

I just installed a new Debian 10 and realized that both nftables and iptables are active and somehow my IPTables rules get mixed up and don't work properly.

How can I completely disable nftables and use IPTables-only instead?

manifestor
iptables is deprecated and going away. If you have iptables rules, they should have been automatically copied to the corresponding nft tables. We are all going to have to learn nftables; you may as well start now. – Michael Hampton Jul 14 '20 at 13:13

2 Answers

3

At least for Debian 10 this should work:

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
update-alternatives --set arptables /usr/sbin/arptables-legacy
update-alternatives --set ebtables /usr/sbin/ebtables-legacy

See also: https://wiki.debian.org/nftables

Ajay Singh
Beko Pharm
2

For anyone who might find this, I tried the solution above, but had a further issue after running update-alternatives where I got this error:

update-alternatives: error: alternative /usr/sbin/iptables-legacy for iptables not registered; not setting

The solution was to manually add it as an alternative:

sudo update-alternatives \
--install /usr/sbin/iptables iptables /usr/sbin/iptables-legacy 10 \
--slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-legacy-restore \
--slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-legacy-save
Dave
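A check to run after the commands in either answer, added here as an example and not part of the original posts: it reads the `Value:` field of `update-alternatives --query` for the four tools and reports which backend each one points to. The function names and the sample query output are constructed for illustration; run it as root so `nft list ruleset` can read the kernel state.

```shell
#!/bin/sh
# Added example: confirm that the alternatives now point to the legacy tools.

# Constructed sample of `update-alternatives --query iptables` output.
SAMPLE_QUERY='Name: iptables
Link: /usr/sbin/iptables
Status: manual
Best: /usr/sbin/iptables-nft
Value: /usr/sbin/iptables-legacy'

# Print the currently selected path from --query output read on stdin.
selected_path() {
    sed -n 's/^Value: //p' | head -n 1
}

# Classify a selected path by its suffix.
backend_of() {
    case "$1" in
        *-legacy) echo legacy ;;
        *-nft)    echo nft ;;
        *)        echo unknown ;;
    esac
}

# Succeeds if rules are still loaded in nf_tables. Switching the alternative
# only changes which binary runs; it does not flush rules already loaded.
leftover_nft_rules() {
    command -v nft >/dev/null 2>&1 || return 1
    [ -n "$(nft list ruleset 2>/dev/null)" ]
}

# Report all four tools; return 1 if any of them is not on the legacy backend.
check_backends() {
    rc=0
    for name in iptables ip6tables arptables ebtables; do
        out=$(update-alternatives --query "$name" 2>/dev/null) || {
            echo "$name: not registered as an alternative"; rc=1; continue; }
        path=$(printf '%s\n' "$out" | selected_path)
        backend=$(backend_of "$path")
        echo "$name -> $path ($backend)"
        [ "$backend" = legacy ] || rc=1
    done
    if leftover_nft_rules; then
        echo "warning: nf_tables still holds rules (see: nft list ruleset)"
    fi
    return $rc
}

if [ "${1:-}" = "--check" ]; then check_backends; fi
```

Save it as a script and run it with `--check`; a non-zero exit status means at least one tool is still on the nft backend or was never registered as an alternative.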