From 5fe57b4afa9389a8602962a7adc8858f95378836 Mon Sep 17 00:00:00 2001
From: Adrian Freihofer <adrian.freihofer@gmail.com>
Date: Tue, 7 Jun 2022 00:01:35 +0200
Subject: [PATCH] networkmanager: use nftables by default

From NEWS file of netowrkmanager 1.32:

firewall: add nftables firewall backend for configuring IPv4 NAT with
shared mode. Now two backends are supported, "iptables" and "nftables".
The default gets detected based on whether /usr/sbin/nft or
/usr/sbin/iptables is installed, with nftables preferred.

With this change nftables is not the prefered backend also with OE. But
it's still possible to set NETWORKMANAGER_FIREWALL_DEFAULT back to
iptables.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 .../networkmanager/networkmanager_1.36.2.bb                 | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
index 9fc43dceb5..55eb3e7024 100644
--- a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
+++ b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb
@@ -42,6 +42,10 @@ NETWORKMANAGER_DNS_RC_MANAGER_DEFAULT ??= "auto"
 # ['dhcpcanon', 'dhclient', 'dhcpcd', 'internal', 'nettools']
 NETWORKMANAGER_DHCP_DEFAULT ??= "internal"
 
+# The default gets detected based on whether /usr/sbin/nft or /usr/sbin/iptables is installed, with nftables preferred.
+# ['', 'iptables', 'nftables']
+NETWORKMANAGER_FIREWALL_DEFAULT ??= "nftables"
+
 EXTRA_OEMESON = "\
     -Difcfg_rh=false \
     -Dtests=yes \
@@ -238,7 +242,7 @@ FILES:${PN}-daemon += " \
     ${systemd_system_unitdir} \
 "
 RRECOMMENDS:${PN}-daemon += "\
-    iptables \
+    ${NETWORKMANAGER_FIREWALL_DEFAULT} \
     ${@bb.utils.filter('PACKAGECONFIG', 'dnsmasq', d)} \
 "
 INITSCRIPT_NAME:${PN}-daemon = "network-manager"