| Linode Forum https://forum.linode.com/ |
|
| Anyone Familiar With NFTables? https://forum.linode.com/viewtopic.php?f=19&t=10532 |
Page 1 of 1 |
| Author: | Main Street James [ Sat Oct 19, 2013 9:25 pm ] |
| Post subject: | Anyone Familiar With NFTables? |
I just read that NFTables - a replacement for iptables - is going to be merged into the Linux 3.13 kernel. (http://www.phoronix.com/scan.php?page=n ... px=MTQ5MDU) Here's info on the NFTables project: http://netfilter.org/projects/nftables Is anyone familiar with NFTables? |
|
| Author: | obs [ Sun Oct 20, 2013 5:11 am ] |
| Post subject: | Re: Anyone Familiar With NFTables? |
Never heard of it. Just had a quick read, it'd be nice to have a one tool fits all system but apart from that it doesn't excite me. iptables will be around for a long while, I won't worry about this until I have to. |
|
| Author: | dwfreed [ Sun Oct 20, 2013 5:42 am ] |
| Post subject: | Re: Anyone Familiar With NFTables? |
I spent 10 minutes staring at it when a friend linked me to it a while back, and 10 more minutes staring at when you linked to it here. Beyond that, I've not used it in any way. It does look really neat, and is even more powerful than the current set of iptables/ip6tables/ebtables/arptables (which is pretty hard to do), but as with most things that give you more power to do what you want, it's even less intuitive for new users, which, when it eventually fully replaces the existing tools, will make things like ufw and csf even more prevalent and probably make things worse than they were before. I can read and follow the flow of a ufw ruleset for iptables, but I shudder when thinking of what the nftables version would look like. -Doug |
|
| Author: | Guspaz [ Mon Oct 21, 2013 10:47 am ] |
| Post subject: | Re: Anyone Familiar With NFTables? |
obs wrote: Never heard of it. Just had a quick read, it'd be nice to have a one tool fits all system but apart from that it doesn't excite me. iptables will be around for a long while, I won't worry about this until I have to. iptables will be replaced with nftables in 3.13, as I understand it, although I believe there'll be a compatibility layer. |
|
| Author: | dwfreed [ Mon Oct 21, 2013 10:57 am ] |
| Post subject: | Re: Anyone Familiar With NFTables? |
Guspaz wrote: iptables will be replaced with nftables in 3.13, as I understand it, although I believe there'll be a compatibility layer. They aren't ripping out iptables/ip6tables/ebtables/arptables immediately. They'll coexist for a while (but may be set in the Kconfig to be mutually exclusive), until xtables can use the compatibility layer, and the large majority of the other kinks have been worked out. This probably won't occur until 3.17 or later, at a minimum. -Doug |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|