I experimented a little with nftables, even though it's not clear whether it will ever completely replace iptables, especially after the news about bpfilter, but it was an interesting exercise anyways.
After converting some iptables rules, I looked at how others were using nftables to write a more idiomatic configuration; I found some ruleset for a host firewall, and I tried to add them to my configuration.
When testing those rules I found that some ICMPv6 packets were not being matched as I would have expected.
Recent comments
28 weeks 2 days ago
1 year 3 weeks ago
1 year 17 weeks ago
1 year 17 weeks ago
1 year 18 weeks ago
1 year 34 weeks ago
1 year 38 weeks ago
1 year 38 weeks ago
1 year 38 weeks ago
2 years 49 weeks ago