alex14fr | 2 years ago

Glad to have stuck with the good old iptables and left CONFIG_NF_TABLES unset in kernel configuration.

sam_lowry_|2 years ago

Isn't iptables just an emulation layer on top of netfilter?

failsecure|2 years ago

For modern distros, the nft package includes an alternative binary that takes the place of /sbin/iptables and translates the input to an nft-compatible format. As far as the kernel is concerned, iptables is still iptables. Old iptables can be accessed by calling the iptables-legacy binary, which will auto-load the old iptables ko.

TechBro8615|2 years ago

Yes, AFAIU (not an expert), iptables and nftables are two command line tools and abstractions (chains vs. tables) for interacting with the same underlying netfilter API.

eikenberry|2 years ago

Probably depends on the distro. Iptables is a wrapper around nftables in most distros, but probably not all.
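
Added example, not part of any comment in this thread: a shell sketch that answers the two questions the thread raises for a given host, namely whether the kernel was built with CONFIG_NF_TABLES and which backend the installed iptables binary drives. The function names are hypothetical and the sample config text and version strings are constructed; it relies on `iptables -V` marking its backend as `(nf_tables)` or `(legacy)`, which iptables 1.8 and later do.

```shell
#!/bin/sh
# Read kernel config text on stdin; print builtin | module | unset.
# On a live host, feed it /boot/config-$(uname -r) or `zcat /proc/config.gz`.
nf_tables_config_state() {
    state=unset
    while IFS= read -r line; do
        case "$line" in
            # Exact match, so CONFIG_NF_TABLES_INET etc. are not confused with it.
            CONFIG_NF_TABLES=y) state=builtin ;;
            CONFIG_NF_TABLES=m) state=module ;;
        esac
    done
    printf '%s\n' "$state"
}

# Classify the text printed by `iptables -V`.
# Releases before 1.8 print no backend marker and are reported as "unmarked".
iptables_backend() {
    case "$1" in
        *"(nf_tables)"*) echo nf_tables ;;
        *"(legacy)"*)    echo legacy ;;
        *)               echo unmarked ;;
    esac
}

# Constructed sample inputs (not taken from any real host).
SAMPLE_CONFIG_UNSET='CONFIG_NETFILTER=y
# CONFIG_NF_TABLES is not set
CONFIG_IP_NF_IPTABLES=y'
SAMPLE_CONFIG_MODULE='CONFIG_NETFILTER=y
CONFIG_NF_TABLES=m
CONFIG_NF_TABLES_INET=y'

# $1 = kernel config text, $2 = output of `iptables -V`
report() {
    cfg=$(printf '%s\n' "$1" | nf_tables_config_state)
    be=$(iptables_backend "$2")
    echo "nf_tables=$cfg iptables_backend=$be"
}

report "$SAMPLE_CONFIG_UNSET"  "iptables v1.8.9 (legacy)"
report "$SAMPLE_CONFIG_MODULE" "iptables v1.8.9 (nf_tables)"
```

A result of `nf_tables=module` or `builtin` means the nf_tables code is available to the kernel even when the admin only ever types `iptables` commands.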