Re: nftables
Posted: 07 Apr 2020, 19:23
by Black Tiger
We're 2 years further now and with CentOS 8 this is really starting to get interesting.
In fact it lies in netfilter's ideas to in time replace iptables with nftables.
Are there any plans from configserver to create a CSF firewall which works with nftables? Any insights on this?
Re: nftables
Posted: 07 Apr 2020, 23:33
by cloud
Catch one more vote for nftables compatibility request.
Re: nftables
Posted: 25 May 2020, 21:26
by TheDragonLord
Rationale: nftables does not use kernel memory to store blocked IPs. The traditional use of IP sets for this does not work on all VPS systems, but an NFtable does.
Additional Feedback: Ubuntu Server after 18.04 LTS removed iptables-nftables-compat, which is necessary to run this script, as has Debian after backports 1.6.2-1.1. By migrating the script to nftables, the script can be used by newer distributions.
References:
https://packages.debian.org/search?keyw ... ection=all
https://packages.ubuntu.com/search?keyw ... chon=names
Re: nftables
Posted: 23 Jul 2020, 07:24
by AdminWonder
In addition to that, nftables is much more efficient. What surprises me is that CSF has still not yet changed it to nftables. It was too late at the time of posting this thread.
Re: nftables
Posted: 25 Oct 2020, 07:50
by datalude
Just noticed Ubuntu 20.10 seems to have nftables as default, replacing iptables.
https://discourse.ubuntu.com/t/groovy-g ... otes/15533