You are not logged in.

#1 2022-08-17 15:27:16

gothmog123
Member
Registered: 2012-10-31
Posts: 108

nftables, ufw, etc

can someone clear up the situation with nftables, iptables, ufw?

based on the relevant sections in the archwiki (quoted below) I installed iptables-nft.


i have three options now. enable nftables.service, enable ufw.service or enable nothing and uninstall ufw.

which one is the best option for someone who is a complete idiot when it comes to networking and who wants a simple and easy configuration. i would prefer to use nftables.

if I enable ufw am i running nftables? is this supported?

if i enable nftables.service i get networking problems, for instance my printer doesnt work.

is it safe to enable nothing? am i running nftables then?

-------------------------------------------------------------
from the archwiki:

Install iptables-nft, which includes nftables as a dependency, will automatically uninstall iptables (an indirect dependency of the base meta package) and prevent conflicts between iptables and nftables when used together.

ufw:

Note: It should be noted that UFW can use either iptables or nftables as the back-end firewall. Users accustomed to calling UFW to manage rules do not need to take any actions to learn underlying calls to iptables or to nftables thanks to

nft

accepting iptables syntax, for example within

/etc/ufw/before.rules

Offline

#2 2022-08-17 19:02:59

mcloaked
Member
From: Yorkshire, UK
Registered: 2012-02-02
Posts: 1,153

Re: nftables, ufw, etc

Some time ago I switched from iptables to nftables - I found the only reliable way to make that transition was effectively to learn what is needed in nftables, and write your own new nft rules file (as /etc/nftables.conf ) and there are some examples in the arch wiki - nft has a syntax checker, and once the rules are valid it works very well indeed.

Last edited by mcloaked (2022-08-17 19:05:57)


Mike C

Offline

Board footer

Powered by FluxBB