JSC-60962 Switch to nftables as kernel 6.8 doesn't support iptables f…

…ramework
wandera · Jan 8, 2025 · 0d83a67 · 0d83a67
1 parent 59c834c
commit 0d83a67
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 7 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -5,9 +5,7 @@ LABEL maintainer="Zircon team <[email protected]>"
 ARG JOOL_VER=4.1.13-r0
 
 RUN apk --no-cache add \
-    jool-tools=${JOOL_VER} \
-    iptables \
-    ip6tables
+    jool-tools=${JOOL_VER}
 
 COPY *.sh /
 RUN chmod +x /*.sh

diff --git a/setup.sh b/setup.sh
@@ -33,10 +33,7 @@ while [ $# -gt 0 ]; do
   shift
 done
 
-jool instance add --iptables --pool6 ${POOL6} default
+jool instance add --netfilter --pool6 ${POOL6} default
 jool global update lowest-ipv6-mtu ${LOWEST_IPV6_MTU}
 jool global update handle-rst-during-fin-rcv ${HANDLE_RST_DURING_FIN_RCV}
 jool global update drop-externally-initiated-tcp ${DROP_EXTERNALLY_INITIATED_TCP}
-
-iptables -t mangle -A PREROUTING -j JOOL
-ip6tables -t mangle -A PREROUTING -j JOOL