Include nftables and appropriate modules. Translate ip- and ebtables
rules to their nftables counterparts. Remove ip/ebtables and modules.
This change intentionally tries to keep structural changes at a minimum
to keep the rule translation comprehensible.
kmod-nft-bridge is not required for fff-node, because it was merged into
a single kernel module since Linux 4.17:
[1] 02c7b25e5f
[2] fbaf48387eFixes: #252
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Co-authored-by: Johannes Kimmel <fff@bareminimum.eu>
With this patch all installed tables are flushed.
We no longer have to worry about the modules
installed or not. (nat, mangle ...)
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
Tested-by: Christian Dresel <fff@chrisi01.de>
- moves the node<-->client ra rules to package fff-uradvd
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Tobias Klaus <tk+ff@meskal.net>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com>