[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    Re: [opensuse] ndtables ?
From:       Darryl Gregorash <raven () accesscomm ! ca>
Date:       2019-02-28 18:52:21
Message-ID: 788fe73d-998c-a7af-3139-da14fa1e99d9 () accesscomm ! ca
[Download RAW message or body]

On 2019-02-28 12:35 PM, Patrick Shanahan wrote:
> * Darryl Gregorash <raven@accesscomm.ca> [02-28-19 11:19]:
>> On 2019-02-28 10:03 AM, Anton Aylward wrote:
>>> On 2019-02-28 2:25 a.m., Per Jessen wrote:
>>>> nftables is the latest evolution - we started out with ipchains (1999?),
>>>> then iptables, now nftables (2014?).  c't (German computer magazine)
>>>> has done a couple of decent articles - in 2015 and quite recently, in
>>>> january I think. 
>>> DO late-model kernels have nftables or are still iptables?
>>> As far as I can tell my 4.20 series kernel still has iptables.
>>> the 'apropos' command tels me about iptables commands but no nftables
>> Both. Iptables is the default at installation time, but nftables is in
>> the repository.
> unless openSUSE removes nftables and I doubt that, both reside within the
> kernel 
>
>   https://en.wikipedia.org/wiki/Nftables
>     nftables is a subsystem of the Linux kernel providing filtering and
>     classification of network packets/datagrams/frames. It has been
>     available since Linux kernel 3.13 released on 19 January 2014.
>     
>       
~ # zypper info nftables
Information for package nftables:
<snip>
Summary        : Userspace utility to access the nf_tables packet filter

Note that nf_tables is the stuff in the kernel, while nftables comprises
the utilities to the filter.

There's also a package, iptables-nft, whose utilities behave like
iptables on the CLI, but which edit the rules of the nft packet filter.

-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]