|
|
Log in / Subscribe / Register

Nftables: a new packet filtering engine

Nftables: a new packet filtering engine

Posted Apr 3, 2009 5:40 UTC (Fri) by ejmarkow (guest, #56170)
Parent article: Nftables: a new packet filtering engine

Rather than reinvent the wheel, OpenBSD's excellent PF (Packet Filter) firewall should just be ported and used for Linux and have it replace Iptables. As a former FreeBSD and current Arch Linux user, a firewall similar to PF is an essential item currently lacking in Linux. Otherwise, I support the implementation of Nftables if it's going to be a vast improvement.

to post comments

Nftables: a new packet filtering engine

Posted Apr 3, 2009 13:02 UTC (Fri) by nix (subscriber, #2304) [Link]

Other comments to this article have pointed out that pf has fewer features
than iptables, so porting (really 'reimplementing') it isn't something
that's terribly likely to happen.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds