From b5e1863d1ca48a89c7936abb94403ffb7ff296a0 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Mon, 30 Sep 2024 13:35:49 +0200
Subject: [PATCH] rpm: do not load iptables modules on f41+

As we started to default to nftables on f41[1,2] we no longer have to
load legacy iptables modules.

[1] https://fedoraproject.org/wiki/Changes/NetavarkNftablesDefault
[2] https://github.com/containers/netavark/pull/1038

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 rpm/podman.spec | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/rpm/podman.spec b/rpm/podman.spec
index 6b3cee152d..2d9b299e26 100644
--- a/rpm/podman.spec
+++ b/rpm/podman.spec
@@ -266,8 +266,8 @@ PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDI
        install.remote \
        install.testing
 
-# Only need this on Fedora until nftables becomes the default
-%if %{defined fedora}
+# See above for the iptables.conf declaration
+%if %{defined fedora} && 0%{?fedora} < 41
 %{__make} DESTDIR=%{buildroot} MODULESLOADDIR=%{_modulesloaddir} install.modules-load
 %endif
 
@@ -307,7 +307,10 @@ ln -s ../virtiofsd %{buildroot}%{_libexecdir}/%{name}
 %{_tmpfilesdir}/%{name}.conf
 %{_systemdgeneratordir}/%{name}-system-generator
 %{_systemdusergeneratordir}/%{name}-user-generator
-%if %{defined fedora}
+# iptables modules are only needed with iptables-legacy,
+# as of f41 netavark will default to nftables so do not load unessary modules
+# https://fedoraproject.org/wiki/Changes/NetavarkNftablesDefault
+%if %{defined fedora} && 0%{?fedora} < 41
 %{_modulesloaddir}/%{name}-iptables.conf
 %endif