I experimented a little with nftables, even though it's not clear whether it will ever completely replace iptables, especially after the news about bpfilter, but it was an interesting exercise anyways.
After converting some iptables rules, I looked at how others were using nftables to write a more idiomatic configuration; I found some ruleset for a host firewall, and I tried to add them to my configuration.
When testing those rules I found that some ICMPv6 packets were not being matched as I would have expected.
Recent comments
41 weeks 5 days ago
1 year 16 weeks ago
1 year 31 weeks ago
1 year 31 weeks ago
1 year 31 weeks ago
1 year 47 weeks ago
1 year 51 weeks ago
1 year 51 weeks ago
1 year 51 weeks ago
3 years 10 weeks ago