NEWS: document nftables support in network driver

author Laine Stump <laine@redhat.com>

Fri, 24 May 2024 02:56:04 +0000 (22:56 -0400)

committer Laine Stump <laine@redhat.com>

Mon, 27 May 2024 14:29:17 +0000 (10:29 -0400)
author Laine Stump <laine@redhat.com>
Fri, 24 May 2024 02:56:04 +0000 (22:56 -0400)
committer Laine Stump <laine@redhat.com>
Mon, 27 May 2024 14:29:17 +0000 (10:29 -0400)
diff --git a/NEWS.rst b/NEWS.rst

index 42b0f8812898a12a91328596c77ef49a801556a8..14505116b10e30b2a374821d0bea53bed6f3bcac 100644 (file)
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -33,6 +33,16 @@ v10.4.0 (unreleased)
      ``<sound model='virtio'/>``. This model is available from QEMU 8.2.0
      onwards.
  
+  * network: use nftables to setup virtual network firewall rules
+
+    The network driver can now use nftables rules for the virtual
+    network firewalls, rather than iptables. With the standard build
+    options, nftables is preferred over iptables (with fallback to
+    iptables if nftables isn't installed), but this can be modified at
+    build time, or at runtime via the firewall_backend setting in
+    network.conf. (NB: the nwfilter driver still uses
+    ebtables/iptables).
+
  * **Improvements**
  
  * **Bug fixes**
author	Laine Stump <laine@redhat.com>
	Fri, 24 May 2024 02:56:04 +0000 (22:56 -0400)
committer	Laine Stump <laine@redhat.com>
	Mon, 27 May 2024 14:29:17 +0000 (10:29 -0400)