Differences

This shows you the differences between two versions of the page.

notes:misc [2024/12/02 13:40] maff
notes:misc [2024/12/04 12:28] (current) – external edit 127.0.0.1
Line 18: Line 18:
  
 Open up Rancher Desktop again and recreate your problem container(s). Open up Rancher Desktop again and recreate your problem container(s).
 +
 +===== Podman =====
 +
 +==== iptables errors - chain already exists when starting container ====
 +
 +This can happen on Alpine if using tailscale and upgrading to 1.76.6 or newer, as it now defaults to using nftables, conflicting with podman's default of using iptables. The fix is to ensure nftables is actually enabled by running ''rc-update add nftables default'' and then ''service nftables start'', followed by editing ''/etc/containers/containers.conf'' and changing ''#firewall_driver = ""'' to ''firewall_driver = "nftables"''. Then reboot.
 +
 +
 +===== Alpine =====
 +
 +==== Traffic not passing when nftables active ====
 +
 +This happens when you enable nftables after installing it. The reason is that the default rules in /etc/nftables.nft drop incoming traffic by default. Replace it with the following file:
 +
 +<code - /etc/nftables.nft>
 +#!/usr/sbin/nft -f
 +# vim: set ts=4 sw=4:
 +# You can find examples in /usr/share/nftables/.
 +
 +# Clear all prior state
 +flush ruleset
 +table inet filter {
 +  chain input {
 +    type filter hook input priority 0; policy accept;
 +  }
 +  chain forward {
 +    type filter hook forward priority 0; policy accept;
 +  }
 +  chain output {
 +    type filter hook output priority 0; policy accept;
 +  }
 +}
 +
 +# The state of stateful objects saved on the nftables service stop.
 +include "/var/lib/nftables/*.nft"
 +
 +# Rules
 +include "/etc/nftables.d/*.nft"
 +</code>
 +
 +Then restart and enjoy.
  
  
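Review bot: in the ''/etc/nftables.nft'' block, the input, forward and output chains are all set to ''policy accept'' with no rules, so the fix for "default rules drop incoming traffic" is to stop filtering on the host altogether, forwarded traffic included. Suggest keeping a drop policy on input and adding only the accepts that are needed, for example ''ct state established,related accept'' and ''iifname "lo" accept'' plus the specific ports in use, either in this file or in a file under ''/etc/nftables.d/'', which this config already includes. If the open policy is intentional, the section should say so and note that it relies on something upstream doing the filtering. Separately, ''flush ruleset'' clears every table rather than only ''inet filter'', which matters because the Podman section above moves both tailscale and podman onto nftables; the text should say that reloading this file removes rules they added at runtime. "Then restart" should also state what is restarted (the nftables service or the host).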