Based on the incus documentation, either firewall should work just fine

> If your system supports and uses nftables, Incus detects this and switches to nftables mode. In this mode, Incus adds its rules into the nftables, using its own nftables namespace.

(https://linuxcontainers.org/incus/docs/main/howto/network_bridge_firewalld/)

but app-containers/incus exclusively depends on net-firewall/iptables. I actually even *use* nftables, but incus is still detecting xtables and only generating iptables rules... so now I have both iptables *and* nftables rules at the same time.

It also depends on net-firewall/ebtables which apparently is not required as of iptables 1.8.0 since xtables-nft-multi can stand in for ebtables.

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=12e6e498ef9c722f38f4356f317050d50023eae8

commit 12e6e498ef9c722f38f4356f317050d50023eae8
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2024-12-15 07:18:00 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2024-12-15 07:23:19 +0000

    app-containers/incus: add 6.8

     - add 'qemu' use flag to pull all necessary dependencies to allow managing
       qemu-based virtual machines in incus,
     - add new env.d file to set INCUS_EDK2_PATH so OVMF files are found when
       using virtual machines,
     - allow selecting between iptables and nftables.

    All possible changes are synced to the LTS release upon new LTS version
    release.

    Closes: https://bugs.gentoo.org/944335
    Closes: https://bugs.gentoo.org/946184
    Closes: https://bugs.gentoo.org/945768
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 app-containers/incus/Manifest         |   2 +
 app-containers/incus/incus-6.8.ebuild | 228 ++++++++++++++++++++++++++++++++++
 app-containers/incus/metadata.xml     |   1 +
 3 files changed, 231 insertions(+)