|
|
Log in / Subscribe / Register

Nftables: a new packet filtering engine

Nftables: a new packet filtering engine

Posted Mar 24, 2009 19:51 UTC (Tue) by quotemstr (subscriber, #45331)
In reply to: Nftables: a new packet filtering engine by flewellyn
Parent article: Nftables: a new packet filtering engine

What exactly were you trying to do?

to post comments

Nftables: a new packet filtering engine

Posted Mar 24, 2009 20:08 UTC (Tue) by flewellyn (subscriber, #5047) [Link] (2 responses)

Route between two NATted LANs and the WAN, with port forwarding and connection tracking. It got hairy when I tried to set up the connection tracking between the two LANs. The WAN-to-LANs tracking wasn't too hard.

This was in 2005, so I will grant that things may have changed since then.

Nftables: a new packet filtering engine

Posted Mar 24, 2009 20:11 UTC (Tue) by Alan_Hicks (guest, #20469) [Link] (1 responses)

Yeah, that's really pretty easy to do with pf. You should give it a look next time you need a firewall, particularly one with several different interfaces and needs.

Nftables: a new packet filtering engine

Posted Mar 25, 2009 13:54 UTC (Wed) by rvfh (guest, #31018) [Link]

How about a PF to Nftables translator, along with the iptables to Nftables translator? Isn't that one of the real strength of Nftables, flexibility?


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds