The officially official Devuan Forum!

You are not logged in.

#1 2021-01-28 14:47:51

ifdv44
Member
Registered: 2021-01-03
Posts: 7  

nftables advice?

I'm still learning so be gentle.

It appears iptables is on the road to deprecation in the Debian repos and that nftables is the recommended replacement for maintaining a firewall on a machine. Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?

I've never really poked at the firewalls on Linux until recently and a brief look at the syntax and documentation suggests the iptables rules are easier to read and that there is more documentation on them. However , while i can see the point in learning that, my time is limited and I'm looking for a clear guide to the syntax and some examples of nftables. I've been looking on the netfilter site and various other searches and I've gone a bit cross eyed. Any suggestions on where i might be advised to start learning from?. I dont want to lock myself out of the remote machine so will need SSH open at the minimum.

Offline

#2 2021-01-28 16:06:47

Head_on_a_Stick
Member
From: London
Registered: 2019-03-24
Posts: 1,383  
Website

Re: nftables advice?

ifdv44 wrote:

Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?

I think beowulf already defaults to the nftables backend as per https://www.debian.org/releases/stable/ … l#nftables

ifdv44 wrote:

iptables rules are easier to read

I do not agree with that at all. The nftables syntax looks *much* easier to understand IMO but I am pretty ignorant when it comes to firewalls so my opinion is probably moot.

ifdv44 wrote:

Any suggestions on where i might be advised to start learning from?

I presume you've seen the nftables wiki? See also https://wiki.debian.org/nftables & https://wiki.archlinux.org/index.php/Nftables

The nftables package provides a few examples under /usr/share/doc/ and also has a sysvinit script that can be used in Devuan but it needs correcting:

https://dev1galaxy.org/viewtopic.php?id=2889


Black Lives Matter

Offline

Board footer