nftables is able to respond to iptables commands through the compatibility layer.

iptables-nft is the packet for you.

 

Le jeu. 17 oct. 2024 à 09:16, David C. Rankin <drankinatty@gmail.com> a écrit :
On 10/14/24 8:49 AM, Martin Rys wrote:
> Arch Linux still uses the legacy iptables backend, as opposed to the
> nft backend that every other distribution uses.

I always thought the iptables default was the result if Arch's KISS philosophy
and I really appreciate it. I use iptables, ipset and fail2ban and like being
able to put those base pieces together and tailor them for my server use
without bringing in the whole nftables pre-defined sets.

I appreciate Arch providing the basic tools by default, while also making
nftables available if you want to go that route. I wouldn't change the default.

--
David C. Rankin, J.D.,P.E.