Skip to content

Commit d9b464f

Browse files
committed
chore: update announcement for iptables and kea changes
- change: modify announcement ID, title, and content to reflect the new default for iptables and required manual intervention for kea services. - content: clarify steps for users switching between iptables versions and outline necessary actions for kea service management.
1 parent 1c50dfd commit d9b464f

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

dev/ANNOUNCEMENTS/announcement.json

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
2-
"id": "2026-04-05-iptables-nft-to-iptables",
3-
"title": "iptables: iptables-nft replaced by iptables; legacy is iptables-legacy",
4-
"content": "The old **iptables-nft** package name is replaced by **iptables**, and the legacy backend is available as **iptables-legacy**.\n\n**When switching packages** (among iptables-nft, iptables, iptables-legacy), check for **.pacsave** files in `/etc/iptables/` and restore your rules if needed:\n\n- `/etc/iptables/iptables.rules.pacsave`\n- `/etc/iptables/ip6tables.rules.pacsave`\n\nMost setups should work unchanged, but users relying on uncommon xtables extensions or legacy-only behavior should test carefully and use **iptables-legacy** if required.",
2+
"id": "2026-04-10-arch-news-iptables-kea",
3+
"title": "Arch News: iptables nft backend default + kea manual intervention",
4+
"content": "## 1) iptables now defaults to nft backend\n\n`iptables-nft` is replaced by `iptables`. Legacy backend is available as `iptables-legacy`.\n\nImportant steps:\n- If you switch between `iptables-nft`, `iptables`, and `iptables-legacy`, check and restore rule backups if needed:\n - `/etc/iptables/iptables.rules.pacsave`\n - `/etc/iptables/ip6tables.rules.pacsave`\n- Test your firewall rules after upgrade.\n- If you rely on legacy-only behavior or uncommon xtables extensions, use `iptables-legacy`.\n\n## 2) kea >= 1:3.0.3-6 requires manual intervention\n\n`kea` services now run as dedicated `kea` user instead of `root`.\n\nImportant steps (for systems using kea):\n- Fix ownership after upgrade:\n - `chown kea: /var/lib/kea/* /var/log/kea/* /run/lock/kea/logger_lockfile`\n- Restart kea services:\n - `systemctl try-restart kea-ctrl-agent.service kea-dhcp{4,6,-ddns}.service`\n- Add required users to the `kea` group if they need access to kea files/logs/config.",
55
"min_version": "0.7.0",
66
"max_version": null,
77
"expires": null

0 commit comments

Comments
 (0)