[Swan] iptables

manfred mx2927 at gmail.com
Sat Sep 23 17:58:30 EEST 2023 

As a suggestion, it may be useful for config.mk to have a comment list 
of USE_* and HAVE_* variables that may be enabled in the right place.


On 9/23/2023 10:50 AM, manfred wrote:
> mk/defaults/linux.mk has this:
> 
> ifneq ($(HAVE_NFTABLES), true)
>    HAVE_IPTABLES ?= true
> endif
> 
> So, most likely you have to define:
> 
> HAVE_NFTABLES ?= true
> 
> early in config.mk.
> 
> 
> On 9/23/2023 8:49 AM, Armen Dilanyan wrote:
>> Can you please specify what needs to be edited in the mk/config.mk file?
>> Remove the lines from the file:
>> /*-e "s:@HAVE_IPTABLES@:$(HAVE_IPTABLES):g" \*/
>> and
>> /*# iptables for CAT, or NFLOG, look, barf, verify*/
>> /*HAVE_IPTABLES ?= false*/
>> /*ifeq ($(HAVE_IPTABLES),true)*/
>> /*USERLAND_CFLAGS += -DHAVE_IPTABLES*/
>> /*endif*/
>> 23.09.2023, 18:24, "Paul Wouters" <paul at nohats.ca>:
>>
>>     There is an option to build with nftables that can be enabled. See
>>     mk/config.mk
>>
>>     Sent using a virtual keyboard on a phone
>>
>>           On Sep 23, 2023, at 05:24, Armen Dilanyan <ad at 2ip.am
>>         <mailto:ad at 2ip.am>> wrote:
>>
>>           
>>           Hello dear community,
>>
>>           I would like to discuss an important matter with you.
>>
>>           Currently, Libreswan has a dependency on the iptables package.
>>         However, in recent versions of the GNU/Debian operating system,
>>         iptables is no longer installed by default, and it has been
>>         replaced by nftables. The developers of netfilter are planning
>>         to fully replace iptables with nftables in the future.
>>         Installing both iptables and nftables simultaneously may not be
>>         practical.
>>
>>           My question is whether Libreswan is considering the
>>         possibility of removing its dependency on iptables and
>>         transitioning to using nftables. Is it possible to build the
>>         Libreswan package from source without the iptables dependency?
>>
>>           I appreciate your attention to this matter and look forward to
>>         hearing your insights.
>>           _______________________________________________
>>           Swan mailing list
>>         Swan at lists.libreswan.org <mailto:Swan at lists.libreswan.org>
>>         https://lists.libreswan.org/mailman/listinfo/swan
>>         <https://lists.libreswan.org/mailman/listinfo/swan>
>>
>>
>> _______________________________________________
>> Swan mailing list
>> Swan at lists.libreswan.org
>> https://lists.libreswan.org/mailman/listinfo/swan

More information about the Swan mailing list