Felix, thank you for the heads up,
I need legacy-only behavior. Can you tell us what the versions
numbers will be for this switch so we can make sure we can install
iptables-legacy and remove iptables when the change is made.
Also, to preserve the current iptables behavior is there anything
other than installing iptables-legacy necessary?
-------- Forwarded Message --------
Subject: News draft: iptables now defaults to the nft backend
Date: Thu, 2 Apr 2026 14:56:21 +0800
From: Felix Yan <[email protected]>
To: arch-dev-public <[email protected]>
The old iptables-nft package name is replaced by iptables, and the
legacy backend is available as iptables-legacy.
When switching packages (among iptables-nft, iptables, iptables-legacy),
check for .pacsave files in /etc/iptables/ and restore your rules if needed:
- /etc/iptables/iptables.rules.pacsave
- /etc/iptables/ip6tables.rules.pacsave
Most setups should work unchanged, but users relying on uncommon xtables
extensions or legacy-only behavior should test carefully and use
iptables-legacy if required.
--
Regards,
Felix Yan
--
David C. Rankin, J.D.,P.E.
