stable

iptables-1.8.11-6.fc42

FEDORA-2025-a17e3e5938 created by psutter 12 months ago for Fedora 42

Keep symlinks managed by alternatives under /usr/bin

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-a17e3e5938

This update has been submitted for testing by psutter.

12 months ago

This update's test gating status has been changed to 'waiting'.

12 months ago

This update's test gating status has been changed to 'waiting'.

12 months ago

This update's test gating status has been changed to 'passed'.

12 months ago

This update has been pushed to testing.

12 months ago
User Icon besser82 commented & provided feedback 12 months ago
karma

Works great! LGTM! =)

User Icon derekenz commented & provided feedback 12 months ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

12 months ago
User Icon geraldosimiao provided feedback 12 months ago
karma

This update has been submitted for stable by bodhi.

12 months ago

This update has been pushed to stable.

12 months ago
User Icon ellert commented & provided feedback 12 months ago
karma

Incomplete. Moving the alternatives to /usr/bin is a good start, but the scriptlets don't remove the old /usr/sbin alternatives. After installing the update the /usr/sbin ones are still considered the "best", blocking the sbin merge:

# rpm -qi iptables-nft
Name        : iptables-nft
Version     : 1.8.11
Release     : 6.fc42
Architecture: x86_64
Install Date: Mon Apr 28 07:10:46 2025
Group       : Unspecified
Size        : 476765
License     : GPL-2.0-only AND Artistic-2.0 AND ISC
Signature   : RSA/SHA256, Fri Apr 25 22:05:36 2025, Key ID c8ac4916105ef944
Source RPM  : iptables-1.8.11-6.fc42.src.rpm
Build Date  : Fri Apr 25 21:58:34 2025
Build Host  : buildvm-x86-12.iad2.fedoraproject.org
Packager    : Fedora Project
Vendor      : Fedora Project
URL         : https://www.netfilter.org/projects/iptables
Bug URL     : https://bugz.fedoraproject.org/iptables
Summary     : nftables compatibility for iptables, arptables and ebtables
Description :
nftables compatibility for iptables, arptables and ebtables.

# alternatives --display iptables
iptables - status is auto.
 link currently points to /usr/sbin/iptables-nft
/usr/sbin/iptables-nft - priority 10
 follower ip6tables: /usr/sbin/ip6tables-nft
 follower ip6tables-restore: /usr/sbin/ip6tables-nft-restore
 follower ip6tables-save: /usr/sbin/ip6tables-nft-save
 follower iptables-restore: /usr/sbin/iptables-nft-restore
 follower iptables-save: /usr/sbin/iptables-nft-save
 follower ip6tables: /usr/sbin/ip6tables-nft
 follower ip6tables-restore: /usr/sbin/ip6tables-nft-restore
 follower ip6tables-save: /usr/sbin/ip6tables-nft-save
 follower iptables-restore: /usr/sbin/iptables-nft-restore
 follower iptables-save: /usr/sbin/iptables-nft-save
/usr/bin/iptables-nft - priority 10
 follower ip6tables: /usr/bin/ip6tables-nft
 follower ip6tables-restore: /usr/bin/ip6tables-nft-restore
 follower ip6tables-save: /usr/bin/ip6tables-nft-save
 follower iptables-restore: /usr/bin/iptables-nft-restore
 follower iptables-save: /usr/bin/iptables-nft-save
 follower ip6tables: /usr/bin/ip6tables-nft
 follower ip6tables-restore: /usr/bin/ip6tables-nft-restore
 follower ip6tables-save: /usr/bin/ip6tables-nft-save
 follower iptables-restore: /usr/bin/iptables-nft-restore
 follower iptables-save: /usr/bin/iptables-nft-save
Current `best' version is /usr/sbin/iptables-nft.
User Icon hugoposnic commented & provided feedback 12 months ago
karma

Breaks Docker for me:

failed to start daemon: Error initializing network controller: error obtaining controller instance: 
failed to register "bridge" driver: 
failed to create NAT chain DOCKER: COMMAND_FAILED: INVALID_IPV: 'ipv4' is not a valid backend or is unavailable
failed to find iptables error="exec: \"iptables\": executable file not found in $PATH"

Downgrading to iptables-1.8.11-5.fc42 fix the issue.

User Icon codedead commented & provided feedback 12 months ago
karma

Breaks docker again.

User Icon infiniti151 commented & provided feedback 12 months ago
karma

Breaks NordVPN

User Icon xenithorb commented & provided feedback 12 months ago
karma

Breaks IVPN for me 

$ ivpn firewall -on
Error: Failed to change firewall state : failed to execute shell command: exit status 127
User Icon maltazar1 commented & provided feedback 12 months ago
karma

Breaks docker, yeah.

You can fix it manually by doing

sudo alternatives --config iptables

and re-selecting the /usr/sbin (iptables-nft) which is probably selected, then rebooting (from the docker issue tracker, so people stuck looking for a solution aren't looking as long as I did)

Please log in to add feedback.

Metadata
Type
enhancement
Karma
-3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
12 months ago
in testing
12 months ago
in stable
12 months ago
approved
12 months ago
Builds
1
iptables-1.8.11-6.fc42
iptables-1.8.11-6.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-21-hmlh5.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy