Does this suggest netfilter will no longer be incorporated in the kernel?
If so, dang. I have a perfectly well working firewall configured with quicktables...
I doubt there will be firewall scripts available as soon as nftables replaces netfilter?
I expect them to live side-by-side for quite a while, so don't panic. Kernel devs are a weird bunch for sure, but they won't throw out time-proven frameworks overnight.
1000
Sounds reasonable. Thanks.
"Kernel devs are a weird bunch for sure" hehehe
/me picturing fat looking UNIX admins with suspenders and a big beard.
Last edited by test1000 (2009-03-22 19:23:04)
KISS = "It can scarcely be denied that the supreme goal of all theory is to make the irreducible basic elements as simple and as few as possible without having to surrender the adequate representation of a single datum of experience." - Albert Einstein
First release of nftables
Finally, with a lot of delay, I've just released the first full public
version of my nftables code (including userspace), which is intended to
become a successor to iptables. It's written from scratch and there are
numerous differences to iptables in both features and design, so I'll
start with a brief overview.

There are three main components:
- the kernel implementation
- libnl netlink communication
- nftables userspace frontend

The kernel provides a netlink configuration interface, as well as
runtime ruleset evaluation using a small classification language
interpreter. libnl contains the low-level functions for communicating
with the kernel, the nftables frontend is what the user interacts with.
http://lwn.net/Articles/324251/
Nice. :)