LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Nftables: a new packet filtering engine

Nftables: a new packet filtering engine

Posted Mar 24, 2009 20:08 UTC (Tue) by flewellyn (subscriber, #5047)
In reply to: Nftables: a new packet filtering engine by quotemstr
Parent article: Nftables: a new packet filtering engine

Route between two NATted LANs and the WAN, with port forwarding and connection tracking. It got hairy when I tried to set up the connection tracking between the two LANs. The WAN-to-LANs tracking wasn't too hard.

This was in 2005, so I will grant that things may have changed since then.

(Log in to post comments)

Nftables: a new packet filtering engine

Posted Mar 24, 2009 20:11 UTC (Tue) by Alan_Hicks (subscriber, #20469) [Link]

Yeah, that's really pretty easy to do with pf. You should give it a look next time you need a firewall, particularly one with several different interfaces and needs.

Nftables: a new packet filtering engine

Posted Mar 25, 2009 13:54 UTC (Wed) by rvfh (subscriber, #31018) [Link]

How about a PF to Nftables translator, along with the iptables to Nftables translator? Isn't that one of the real strength of Nftables, flexibility?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds