On Sun, Nov 17, 2024 at 09:09:00PM +0100, Jason A. Donenfeld wrote:
On Mon, Nov 11, 2024 at 04:19:02AM +0000, Hangbin Liu wrote:
Use nft by default if it's supported, as nft is the replacement for iptables, which is used by default in some releases. Additionally, iptables is dropped in some releases.
Rather than having this optionality, I'd rather just do everything in one way or the other. So if you're adamant that we need to use nft, just convert the whole thing. And then subsequently, make sure that the qemu test harness supports it. That should probably be a series.
Hmm, try build nft but got error
# make -C tools/testing/selftests/wireguard/qemu/ make: Entering directory '/home/net/tools/testing/selftests/wireguard/qemu' Building for x86_64-linux-musl using x86_64-redhat-linux cd /home/net/tools/testing/selftests/wireguard/qemu/build/x86_64/nftables-1.0.9 && ./configure --prefix=/ --build=x86_64-redhat-linux --host=x86_64-linux-musl --enable-static --disable-shared checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes ... checking for pkg-config... /usr/bin/pkg-config configure: WARNING: using cross tools not prefixed with host triplet checking pkg-config is at least version 0.9.0... yes checking for libmnl >= 1.0.4... yes checking for libnftnl >= 1.2.6... yes checking for __gmpz_init in -lgmp... no configure: error: No suitable version of libgmp found
But I can config it manually like: ./configure --prefix=/ --build=x86_64-redhat-linux --host=x86_64-linux-musl --enable-static --disable-shared correctly
Do you have any idea?
Thanks Hangbin