Received: from sagaracharya.in (unknown [45.248.64.201]) by gbr-app-1.alpinelinux.org (Postfix) with ESMTPS id D73552235E2 for <~alpine/devel@lists.alpinelinux.org>; Sat, 3 Jan 2026 06:21:26 +0000 (UTC) Received: from [IPv6:::1] ( [152.58.42.254]) by sagaracharya.in (OpenSMTPD) with ESMTPSA id 5d7e14c2 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for <~alpine/devel@lists.alpinelinux.org>; Sat, 3 Jan 2026 11:51:23 +0530 (IST) Date: Sat, 03 Jan 2026 11:51:22 +0530 From: Sagar Acharya To: ~alpine/devel@lists.alpinelinux.org Subject: Re: Preferred firewall User-Agent: K-9 Mail for Android In-Reply-To: References: Message-ID: <243FD51C-A546-40E2-AED2-235618F48D5B@whitelist.co.in> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable In my view, due to Maya (Illusion, better known as AI), it is impossible to= classify bad packets from good ones=2E Text Maya is already solved and Alp= ine should add good packages for Maya, like torch7 and cutorch=2E LLMs program so well that programming LLMs like Qwen, specialized for a ce= rtain language are very important=2E We at Whitelist Tech, therefore say, whitelisting is the future, i=2Ee=2E = , whitelist certain IPs, using nftables=2E=20 On 3 =E0=A4=9C=E0=A4=A8=E0=A4=B5=E0=A4=B0=E0=A5=80 2026 7:02:30 am IST, "W= =2E Michael Petullo" wrote: >I maintain an application on Alpine, and I have become a little confused >about the distribution's preferred firewall stack=2E Until now, I have >used awall=2E Recently, I found that my approach had to change slightly, >because Alpine 3=2E23 does not by default provide the ip_tables module: > ># modprobe ip_tables >modprobe: FATAL: Module ip_tables not found in directory /lib/modules/6= =2E18=2E2-0-virt > >Awall still seems to work due to the presence of x_tables, but this led >me to do some research that left me uncertain=2E Here are the questions I >am left with after reading several pieces of documentation: > >It seems x_tables is old (e=2Eg=2E, https://lwn=2Enet/Articles/155118/)= =2E Did >something change recently in Alpine to remove ip_tables (the kernel >module)? > >Is it true that awall is tied to iptables (the utility)? > >Does this mean that awall does not make use of nftables (the kernel >module)? > >Which is preferred, awall or nftables? > >Alpine's documentation still instructs to modprobe ip_tables >(https://wiki=2Ealpinelinux=2Eorg/wiki/How-To_Alpine_Wall)=2E Is this >now incorrect? > >I am presently building Alpine installs using >https://dl-cdn=2Ealpinelinux=2Eorg/alpine/v3=2E23/releases/x86_64/alpine-= virt-3=2E23=2E0-x86_64=2Eiso=2E > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Thanking you Sagar Acharya https://whitelist=2Eco=2Ein