[PATCH] NEWS: document nftables support in network driver

Signed-off-by: Laine Stump <laine(a)redhat.com&gt; --- NEWS.rst | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 42b0f88128..14505116b1 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -33,6 +33,16 @@ v10.4.0 (unreleased) ``<sound model='virtio'/>``. This model is available from QEMU 8.2.0 onwards. + * network: use nftables to setup virtual network firewall rules + + The network driver can now use nftables rules for the virtual + network firewalls, rather than iptables. With the standard build + options, nftables is preferred over iptables (with fallback to + iptables if nftables isn't installed), but this can be modified at + build time, or at runtime via the firewall_backend setting in + network.conf. (NB: the nwfilter driver still uses + ebtables/iptables). + * **Improvements** * **Bug fixes** -- 2.45.0