From e0fe0621ab32bf73a803d0e7d0c8c084c784dfd2 Mon Sep 17 00:00:00 2001 From: Jakub Jirutka Date: Sat, 28 Feb 2026 23:50:05 +0100 Subject: [PATCH] community/keepalived: build with nftables support Enable nftables support so keepalived can enforce VRRP no_accept mode and properly handle VMAC multicast filtering. Without firewall support (nftables or iptables), these features are non-functional, leading to incorrect traffic acceptance on BACKUP nodes and improper multicast behavior. This is enabled by default if libnftnl is found. I think that it was disabled by accident, not intentionally. This change increases keepalived size by 32 kiB and add dependency on libnftnl (180 kiB) and libmnl (40 kiB). --- community/keepalived/APKBUILD | 1 + 1 file changed, 1 insertion(+) diff --git a/community/keepalived/APKBUILD b/community/keepalived/APKBUILD index 265a402b3b8..14731217adb 100644 --- a/community/keepalived/APKBUILD +++ b/community/keepalived/APKBUILD @@ -13,6 +13,7 @@ makedepends=" autoconf automake libnfnetlink-dev + libnftnl-dev libnl3-dev linux-headers net-snmp-dev