Upgrading to iptables-1.8.9-r4 loses all firewall rules
After upgrading iptables to 1.8.9-r4, and rebooting as instructed, /etc/iptables/rules-save is empty and no firewall rules are loaded.
To replicate:
- Install Alpine 3.18.0
- Install iptables and add it to init
apk add iptables && rc-update add iptables
- Add a firewall rule, e.g.
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
- Save firewall rules
rc-service iptables save
- Reboot. The firewall rules are loaded succesfully off-disk (see
iptables -S
) - Update to Edge
sed -i 's,v3\.18,edge,' /etc/apk/repositories && apk update && apk add --upgrade apk-tools && apk upgrade --available
- Reboot as instructed by iptables-1.8.9-r4.post-upgrade. This ends up running
rc-service iptables stop
, which gives the error message "iptables-save/1.8.9 (nf_tables) Failed to initialize nft: Protocol not supported" and empties the /etc/iptables/rules-save file.