nftables is able to respond to iptables commands through the compatibility layer. iptables-nft is the packet for you. Le jeu. 17 oct. 2024 à 09:16, David C. Rankin <drankinatty@gmail.com> a écrit :
On 10/14/24 8:49 AM, Martin Rys wrote:
Arch Linux still uses the legacy iptables backend, as opposed to the nft backend that every other distribution uses.
I always thought the iptables default was the result if Arch's KISS philosophy and I really appreciate it. I use iptables, ipset and fail2ban and like being able to put those base pieces together and tailor them for my server use without bringing in the whole nftables pre-defined sets.
I appreciate Arch providing the basic tools by default, while also making nftables available if you want to go that route. I wouldn't change the default.
-- David C. Rankin, J.D.,P.E.