[FUG-BR] Public Service Announcement - IPTables is going to change (again)

Fabricio Lima listas at fabriciolima.com.br
Wed Mar 25 11:43:08 BRT 2015


I'm not sure whether to call this off-topic...
it is relevant for the BSD community to know that something we use occasionally
is going to change.
So as to avoid logging into a forgotten Linux box one day and seeing #iptables -L -n
 come back with not found

anyway...
reading on DigitalOcean, I saw a text that says:

NFTables

Although iptables has long been the standard for firewalls in a Linux
environment, a new firewall called nftables has recently been added into
the Linux kernel. This is a project by the same team that makes iptables,
and is intended to eventually replace iptables.

The nftables firewall attempts to implement more readable syntax than that
found in its iptables predecessor, and implements IPv4 and IPv6 support into
the same tool. While most versions of Linux at this time do not ship with a
kernel new enough to implement nftables, it will soon be very commonplace,
and you should try to familiarize yourself with its usage.

It looks kind of like JSON:

table filter {
        chain output {
                 tcp dport 22 ct state
                 ip saddr 127.0.0.1 ip daddr 127.0.0.6 drop
        }
}


It took me a while to recover from ipfwadm turning into iptables... (kernel
2.2.x)
now that I've allowed ping, I no longer know how to configure a network card, because
FHC took away ifconfig....


[ ]'s
Fabricio Lima
When your hammer is C++, everything begins to look like a thumb.
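
Added example, not part of the original post or of the quoted DigitalOcean text: a complete nftables ruleset illustrating the quote's point that one tool covers IPv4 and IPv6, here with a single `inet` table. The table and chain layout, the default-drop policy and the ICMP types chosen are assumptions made for illustration; the iptables commands in the comments are the approximate legacy equivalents.

```nftables
# Constructed example ruleset. One "inet" table matches both IPv4 and IPv6,
# where the legacy tools needed separate iptables and ip6tables rule sets.
table inet filter {
        chain input {
                # A base chain needs a hook; without this line the chain is
                # never traversed by packets.
                type filter hook input priority 0; policy drop;

                # iptables/ip6tables -A INPUT -m conntrack \
                #     --ctstate ESTABLISHED,RELATED -j ACCEPT
                ct state established,related accept
                ct state invalid drop

                # iptables/ip6tables -A INPUT -i lo -j ACCEPT
                iifname "lo" accept

                # Ping over IPv4:
                # iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
                icmp type echo-request accept

                # Ping over IPv6, plus the neighbour discovery messages that
                # IPv6 needs in order to work at all under a drop policy.
                icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

                # SSH, one rule for both address families:
                # iptables  -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
                # ip6tables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
                tcp dport 22 ct state new accept
        }

        chain forward {
                type filter hook forward priority 0; policy drop;
        }

        chain output {
                type filter hook output priority 0; policy accept;
        }
}
```

Running `nft -c -f` on the file parses and checks it without loading it; `nft list ruleset` is the counterpart of `iptables -L -n` for seeing what is active.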

