fix: add iptables-nft to wg-easy for nftables-only kernels #24

Hermes · 2026-05-12T18:52:46Z

Hermes commented

2026-05-12 18:52:46 +00:00

wg-easy's Alpine wg-quick uses legacy iptables which requires the iptable_nat kernel module. On NixOS kernels compiled without legacy netfilter modules, the container crashes in a restart loop.

Fix: build a custom image that installs Alpine's iptables-nft package and symlinks iptables -> iptables-nft (nftables backend).

wg-easy's Alpine wg-quick uses legacy iptables which requires the iptable_nat kernel module. On NixOS kernels compiled without legacy netfilter modules, the container crashes in a restart loop. Fix: build a custom image that installs Alpine's iptables-nft package and symlinks iptables -> iptables-nft (nftables backend).

Hermes added 1 commit 2026-05-12 18:52:47 +00:00

fix: add iptables-nft to wg-easy for nftables-only kernels 5e242eb946

wg-easy's Alpine wg-quick uses legacy iptables which requires the
iptable_nat kernel module. On NixOS kernels compiled without legacy
netfilter modules, the container crashes in a restart loop:

  iptables v1.8.3 (legacy): can't initialize iptables table 'nat'
  Table does not exist (do you need to insmod?)

Fix: build a custom image that installs Alpine's iptables-nft package
and symlinks iptables -> iptables-nft (nftables backend).

gortium merged commit 4cdd157e3f into master

2026-05-13 15:03:26 +00:00

gortium referenced this issue from a commit

2026-05-13 15:03:27 +00:00

Merge pull request 'fix: add iptables-nft to wg-easy for nftables-only kernels' (#24) from fix/wg-easy-iptables-nft into master

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: gortium/compose#24