nftables does not read its conf file

Bonjour,

I try to have nftables as my default firewal on omv, but someone (?) has written something somewhere that prevent nftables to read its configation file (/etc/nftables.conf).

Whatever I write in this configation file, nft list ruleset -a returns:

table inet filter { # handle 40

chain input { # handle 1

type filter hook input priority 0; policy accept;

}

chain forward { # handle 2

type filter hook forward priority 0; policy accept;

}

chain output { # handle 3

type filter hook output priority 0; policy accept;

}

}

Thank you.

F.P.

Bonjour,

Nobody answered, so I give what I have done to use nftables.

1- I deleted iptables alternatives:

update-alternatives --remove iptables /usr/sbin/iptables-legacy

update-alternatives --remove iptables /usr/sbin/iptables-nft

Same for ip6tables:

update-alternatives --remove ip6tables /usr/sbin/ip6tables-legacy

update-alternatives --remove ip6tables /usr/sbin/ip6tables-nft

2- I removed x-permissions from script

/etc/iptables/openmediavault-firewall.sh

chmod u-x g-x a-x /etc/iptables/openmediavault-firewall.sh

3- I deleted all lines between <iptables> and </iptables> in xml config file /etc/openmediavault/config.xml

4- I removed all kernel modules concerning iptables with rmmod

And, at last, I could configure nftables.... and get it working.

Next time I will remove iptables packages...

That's all.

F.P.

Zitat von ryecoaaron

Do that and you will remove OMV itself - https://github.com/openmediava…avault/debian/control#L18

Don't worry!

dpkg -r --force-depends iptables

does the job and: apt list --installed | grep mediav gives:

openmediavault-keyring/usul,usul,now 1.0 all [installé]

openmediavault/now 5.5.21-1 all [installé, pouvant être mis à jour vers : 5.5.22-1]