ALT Linux Bugzilla – Full Text Bug Listing
| Summary: | Реализовать переключение iptables между xtables-legacy-multi и xtables-nft-multi через alternatives | ||
|---|---|---|---|
| Product: | Sisyphus | Reporter: | geochip <geochip> |
| Component: | iptables | Assignee: | placeholder <placeholder> |
| Status: | NEW --- | QA Contact: | qa-sisyphus |
| Severity: | enhancement | ||
| Priority: | P5 | CC: | glebfm, ldv, placeholder, vt |
| Version: | unstable | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
Предлагается реализовать возможность назначать симлинки /usr/sbin/ip{,6}tables{,-restore,-save} на xtables-legacy-multi или xtables-nft-multi через alternatives. Это должно упростить переключение между legacy и nft. Для совместимости можно выставить legacy более высокий приоритет. Подобным образом сделано, например, в debian и fedora. fedora: ``` # alternatives --display iptables iptables - status is auto. link currently points to /usr/bin/iptables-legacy /usr/bin/iptables-legacy - priority 10 follower ip6tables: /usr/bin/ip6tables-legacy follower ip6tables-restore: /usr/bin/ip6tables-legacy-restore follower ip6tables-save: /usr/bin/ip6tables-legacy-save follower iptables-restore: /usr/bin/iptables-legacy-restore follower iptables-save: /usr/bin/iptables-legacy-save /usr/bin/iptables-nft - priority 10 follower ip6tables: /usr/bin/ip6tables-nft follower ip6tables-restore: /usr/bin/ip6tables-nft-restore follower ip6tables-save: /usr/bin/ip6tables-nft-save follower iptables-restore: /usr/bin/iptables-nft-restore follower iptables-save: /usr/bin/iptables-nft-save Current `best' version is /usr/bin/iptables-legacy. ``` debian ``` # update-alternatives --display iptables iptables - auto mode link best version is /usr/sbin/iptables-nft link currently points to /usr/sbin/iptables-nft link iptables is /usr/sbin/iptables slave iptables-restore is /usr/sbin/iptables-restore slave iptables-save is /usr/sbin/iptables-save /usr/sbin/iptables-legacy - priority 10 slave iptables-restore: /usr/sbin/iptables-legacy-restore slave iptables-save: /usr/sbin/iptables-legacy-save /usr/sbin/iptables-nft - priority 20 slave iptables-restore: /usr/sbin/iptables-nft-restore slave iptables-save: /usr/sbin/iptables-nft-save ```