You are not logged in.
Hi,
Would it be possible to add nftables as default firewall including a default config file?
I know that's the first action I take after installing a new system
Offline
Be Excellent to Each Other...
The Bunsenlabs Lithium Desktop » Here
FORUM RULES and posting guidelines «» Help page for forum post formatting
Artwork on DeviantArt «» BunsenLabs on DeviantArt
Offline
ok, but if you want to use the nftables syntax, you still have to install the package
Also, I don't believe there's a default config file, eg for general desktop use...
Last edited by chrisdb (2019-10-03 12:28:52)
Offline
Offline
...
ok, but if you want to use the nftables syntax, you still have to install the package
...
My mistake - I didn't realize that you want to use nftables without installing nftables
Be Excellent to Each Other...
The Bunsenlabs Lithium Desktop » Here
FORUM RULES and posting guidelines «» Help page for forum post formatting
Artwork on DeviantArt «» BunsenLabs on DeviantArt
Offline
Not having installed Lithium yet does Debian Buster use the 4.10 kernel
Netfilter and nftables are used in applications such as Internet connection sharing, firewalls, IP accounting,
transparent proxying, advanced routing and traffic control.
A Linux kernel >= 3.13 is required. However, >= 4.10 is recommended.
I'm good here: Kernel: 4.9.0-11-amd64 for the "required branch".
@ chrisdb - what's the advantage over iptables that come configured with BL?
I'm using a desktop as well.
Debian 12 Beardog, SoxDog and still a Conky 1.9er
Offline
My mistake - I didn't realize that you want to use nftables without installing nftables hmm
According to the Debian wiki page you mentioned, Buster indeed uses 'some sort' of nftables implementation, but with iptables syntax on a nf_tables kernel subsystem. I would rather use the nftables syntax directly
@ chrisdb - what's the advantage over iptables that come configured with BL?
I'm using a desktop as well.
From the FAQ on debian:
Why a new framework?
The previous framework (iptables) has several problems hard to address, regarding scalability, performance, code maintenance, etc..
Just want to be future safe
Last edited by chrisdb (2019-10-03 14:47:14)
Offline