On Sat, 24 May 2014, Der Tiger wrote:
> While there is certainly nothing decided, yet, there have been
> indications {2,3}, that iptables and ip6tables may be replaced by
> nftables {1} sometime in the future. nftables is already part of the
> kernel, but still under development. It is a likely candidate to become
> the kernel devs-team favoured packet filter and the then obsolete
> ip*tables victim of a code clean-up, even though this is probably years
> of time away.
>
> How will the (possible) change to nftables affect the development of
> Alpine Wall? Are there plans to make Alpine Wall compatible with
> nftables, once the development of nftables has progressed enough?
This is how I think. For the time being, it is probably a bit too early to
consider switching to nftables, but as you say, likely must be done at
some point of time.
Based on the documentation you refer to, the abstraction level provided by
nftables is roughly the same as that of iptables. Therefore, I think awall
will continue to be useful also with nftables.
BR,
Kaarle
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---