Update iptables systemd unit to use new version of iptables-restore
Since Debian Buster, old iptables
/xtables
(legacy) and new nftables
frameworks can be used in parallel.
We chose to use the legacy framework (see !399 (merged)),
but since the introduction of Docker in the SDK (767b7717), which set its
specific rules using nftables
, this breaks the connman tethering as there
are two sets running.
iptables-nft-restore
is able to apply iptables rules to nftables
.
/usr/sbin/iptables-restore
is a symlink to
/etc/alternatives/iptables-restore
which in turn is a symlink to
/usr/sbin/iptables-nft-restore
. Same for /usr/sbin/ip6tables-restore
.
Replacing iptables-legacy-restore
by iptables-restore
allows to use
the nftables
only.
https://phabricator.apertis.org/T8361
Signed-off-by: Frédéric Danis frederic.danis@collabora.com