Open tlcd96 opened 1 year ago
Sounds good, especially because nftables will be the way to go rather than iptables.
nftables would be the right way if hestiacp wants to replace iptables with any other implementation. nftables is also very near to nf_conntrack, and in combination they are the best netfilter implementation.
Please don't decide on firewalld.
But Debian actually comes with nftables:
iptables --version
iptables v1.8.9 (nf_tables)
Look for xtables-nft to understand what happens there.
We don't need to change anything, just be prepared for when iptables officially disappears.
From Debian 10, nftables is the default version; most systems run xtables-nft, which is like iptables_nftables.
But, I think we can manage nftables with firewalld.
Describe the feature or change in detail
Maybe, since the package is available on GitHub (open source), we can replace iptables with nftables, since it is an upgrade for the average user. And fail2ban can be used with nftables. Post I found about it (this works with any system; some might need to update paths, but otherwise it's the same for all): "Using systemd to bind fail2ban to nftables" and "Best Practices for persisting nftables rules".
Would you like to sponsor this feature to have it implemented?
No
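The `iptables --version` output quoted in the thread already tells you which backend a host is using. The script below is an added example, not HestiaCP code and not from any participant; it classifies that string so a migration check can tell the xtables-nft shim from the legacy backend. The function names are hypothetical and the version strings in the comments are constructed samples.

```shell
#!/bin/sh
# Added example: work out which backend `iptables` writes to, from the text
# printed by `iptables --version`. Function names are hypothetical.

# classify_backend VERSION_STRING -> prints nft | legacy | unknown
classify_backend() {
    case "$1" in
        *"(nf_tables)"*) echo nft ;;     # xtables-nft shim, e.g. "iptables v1.8.9 (nf_tables)"
        *"(legacy)"*)    echo legacy ;;  # x_tables backend, e.g. "iptables v1.8.9 (legacy)"
        "iptables v"*)   echo legacy ;;  # releases before 1.8 print no suffix
        *)               echo unknown ;;
    esac
}

# detect_backend -> classify the local binary, or print "absent" if there is none
detect_backend() {
    if ! command -v iptables >/dev/null 2>&1; then
        echo absent
        return 0
    fi
    classify_backend "$(iptables --version 2>/dev/null)"
}

# migration_note BACKEND -> one line on where the rules live and what to run next
migration_note() {
    case "$1" in
        nft)    echo "rules are already stored in nftables; review with: nft list ruleset" ;;
        legacy) echo "rules are in x_tables; convert a saved ruleset with: iptables-restore-translate -f FILE" ;;
        absent) echo "no iptables binary found; manage rules with nft directly" ;;
        *)      echo "unrecognised version string; check the iptables alternatives by hand" ;;
    esac
}

backend=$(detect_backend)
echo "local backend: $backend"
echo "note: $(migration_note "$backend")"
```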