Page 1 of 1
Posted: 07 Apr 2020, 19:23
We're 2 years further now and with Centos 8 this is really starting to get interesting.
In fact it lies in the netfilter's idea's to in time replace iptables with nftables.
Are there any plans from configserver to create a CSF firewall which works with nftables? Any insights on this?
Posted: 07 Apr 2020, 23:33
Catch one more vote for nftables compatibility request.
Posted: 25 May 2020, 21:26
Rationale: ntftables do not use kernel memory to store blocked ips. The traditional use of IP sets for this does not work on all VPS systems, but an NFtable does.
Additional Feedback: Ubuntu Server after 18.04 LTS removed iptables-nftables-compat necessary to run this script as has Debian after backports 1.6.2-1.1. By migrating the script to nftables, the script can be used by newer distributions.
https://packages.debian.org/search?keyw ... ection=all
https://packages.ubuntu.com/search?keyw ... chon=names
Posted: 23 Jul 2020, 07:24
In addition to that, nftables is much more efficient. What surprises me is that CSF has still not yet changed it to nftables. It was too late at the time of posting this thread.
Posted: 25 Oct 2020, 07:50
Just noticed Ubuntu 20.10 seems to have nftables as default, replacing iptables.
https://discourse.ubuntu.com/t/groovy-g ... otes/15533