From bbc1b3fc6eb02d632bf525f143cb100f8e65cec2 Mon Sep 17 00:00:00 2001
From: Laine Stump <laine@redhat.com>
Date: Thu, 23 May 2024 22:56:04 -0400
Subject: [PATCH] NEWS: document nftables support in network driver

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
---
 NEWS.rst | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/NEWS.rst b/NEWS.rst
index 42b0f88128..14505116b1 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -33,6 +33,16 @@ v10.4.0 (unreleased)
     ``<sound model='virtio'/>``. This model is available from QEMU 8.2.0
     onwards.
 
+  * network: use nftables to setup virtual network firewall rules
+
+    The network driver can now use nftables rules for the virtual
+    network firewalls, rather than iptables. With the standard build
+    options, nftables is preferred over iptables (with fallback to
+    iptables if nftables isn't installed), but this can be modified at
+    build time, or at runtime via the firewall_backend setting in
+    network.conf. (NB: the nwfilter driver still uses
+    ebtables/iptables).
+
 * **Improvements**
 
 * **Bug fixes**
-- 
2.39.5