Nftables to Succeed Netfilter

new2arch · 2009-03-22 13:43:21

Does this suggest netfilter will not longer be incorporated in the kernel?
If so, dang. I have a perfectly well working firewall configured with quicktables...
I doubt there will be firewall scripts available as soon as the nftables replaces netfilter?

byte · 2009-03-22 16:47:54

I expect them to live side-by-side for quite a while, so don't panic. Kernel devs are a weird bunch for sure, but they won't throw out time-proven frameworks overnight.

new2arch · 2009-03-22 17:24:25

Sounds reasonable. Thanks.

test1000 · 2009-03-22 19:21:27

"Kernel devs are a weird bunch for sure" hehehe

/me picturing fat looking UNIX admins with suspenders and a big beard.

Last edited by test1000 (2009-03-22 19:23:04)

jack · 2009-04-16 18:26:15

First release of nftables
Finally, with a lot of delay, I've just released the first full public
version of my nftables code (including userspace), which is intended to
become a successor to iptables. Its written from scratch and there are
numerous differences to iptables in both features and design, so I'll
start with a brief overview.
There are three main components:

- the kernel implementation
- libnl netlink communication
- nftables userspace frontend
The kernel provides a netlink configuration interface, as well as
runtime ruleset evaluation using a small classification language
interpreter. libnl contains the low-level functions for communicating
with the kernel, the nftables frontend is what the user interacts with.

http://lwn.net/Articles/324251/

Nice.:)

Arch Linux

#1 2009-03-22 13:43:21

Nftables to Succeed Netfilter

#2 2009-03-22 16:47:54

Re: Nftables to Succeed Netfilter

#3 2009-03-22 17:24:25

Re: Nftables to Succeed Netfilter

#4 2009-03-22 19:21:27

Re: Nftables to Succeed Netfilter

#5 2009-04-16 18:26:15

Re: Nftables to Succeed Netfilter

Board footer