You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe
We have a bit special setup:
rtpengine runs inside a podman container, with host networking. So we cannot set up nftables rules inside the container. Previously, we installed the kernel module and the iptables package in the host, and then had a pre-start hook which added the iptables rules on the host when starting the container and cleaning up on teardown.
This method has vanished with the switch from iptables to nftables-only in 12.x. Now the only way I have found so far is to also install the rtpengine-daemon package on the host (where it should not be) and then call rtpengine-daemon --start-nftables in the pre-start hook. Trying something like this causes an error, guess it doesn't know what to do with the RTPENGINE target (xt_RTPENGINE module is loaded):
workspace $ nft add rule ip filter rtpengine ip protocol udp udp dport 15000-30000 counter jump RTPENGINE
Error: Could not process rule: No such file or directory
add rule ip filter rtpengine ip protocol udp udp dport 15000-30000 counter jump RTPENGINE
^^^^^^^^^
Describe the solution you'd like
I'd like to have a tool for setting up the appropriate nftables rules without needing the whole rtpengine-daemon package.
Describe alternatives you've considered
No response
The rtpengine version you checked that didn't have the feature you are asking for
12.5.1.2 on Ubuntu Jammy
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe
We have a bit special setup:
rtpengine runs inside a podman container, with host networking. So we cannot set up nftables rules inside the container. Previously, we installed the kernel module and the iptables package in the host, and then had a pre-start hook which added the iptables rules on the host when starting the container and cleaning up on teardown.
This method has vanished with the switch from iptables to nftables-only in 12.x. Now the only way I have found so far is to also install the rtpengine-daemon package on the host (where it should not be) and then call
rtpengine-daemon --start-nftablesin the pre-start hook. Trying something like this causes an error, guess it doesn't know what to do with theRTPENGINEtarget (xt_RTPENGINEmodule is loaded):Describe the solution you'd like
I'd like to have a tool for setting up the appropriate nftables rules without needing the whole rtpengine-daemon package.
Describe alternatives you've considered
No response
The rtpengine version you checked that didn't have the feature you are asking for
12.5.1.2 on Ubuntu Jammy
The text was updated successfully, but these errors were encountered: