@ -13,6 +13,13 @@ In addition to numerous new and upgraded packages, this release has the followin
[Fedora ](https://fedoraproject.org/wiki/Changes/iptables-nft-default ).
This means, `ip[6]tables` , `arptables` and `ebtables` commands will actually
show rules from some specific tables in the `nf_tables` kernel subsystem.
In case you're migrating from an older release without rebooting, there might
be cases where you end up with iptable rules configured both in the legacy
`iptables` kernel backend, as well as in the `nf_tables` backend.
This can lead to confusing firewall behaviour. An `iptables-save` after
switching will complain about "iptables-legacy tables present".
It's probably best to reboot after the upgrade, or manually removing all
legacy iptables rules (via the `iptables-legacy` package).
- systemd got an `nftables` backend, and configures (networkd) rules in their
own `io.systemd.*` tables. Check `nft list ruleset` to see these rules, not