Nftables to replace iptables?

Looks like it. It’s protocol independent, reduces complexity and duplication and will sigificantly reduce the packet filtering footprint in the kernel. It should also make it more easily extensible in the future, as it runs in user space in a virtual machine.

http://lwn.net/Articles/324989/

Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

 robin@edgarbv.com  https://www.edgarbv.com

Leave a Reply