You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2021-01-28 14:47:51
- ifdv44
- Member
- Registered: 2021-01-03
- Posts: 10
nftables advice?
I'm still learning so be gentle.
It appears iptables is on the road to deprecation in the Debian repos and that nftables is the recommended replacement for maintaining a firewall on a machine. Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?
I've never really poked at the firewalls on Linux until recently and a brief look at the syntax and documentation suggests the iptables rules are easier to read and that there is more documentation on them. However , while i can see the point in learning that, my time is limited and I'm looking for a clear guide to the syntax and some examples of nftables. I've been looking on the netfilter site and various other searches and I've gone a bit cross eyed. Any suggestions on where i might be advised to start learning from?. I dont want to lock myself out of the remote machine so will need SSH open at the minimum.
Offline
#2 2021-01-28 16:06:47
- Head_on_a_Stick
- Member
- From: London
- Registered: 2019-03-24
- Posts: 3,125
- Website
Re: nftables advice?
Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?
I think beowulf already defaults to the nftables backend as per https://www.debian.org/releases/stable/ … l#nftables
iptables rules are easier to read
I do not agree with that at all. The nftables syntax looks *much* easier to understand IMO but I am pretty ignorant when it comes to firewalls so my opinion is probably moot.
Any suggestions on where i might be advised to start learning from?
I presume you've seen the nftables wiki? See also https://wiki.debian.org/nftables & https://wiki.archlinux.org/index.php/Nftables
The nftables package provides a few examples under /usr/share/doc/ and also has a sysvinit script that can be used in Devuan but it needs correcting:
Brianna Ghey — Rest In Power
Offline
Pages: 1
