On 10/17/24 3:35 AM, gerard.bigot@xxxxxxxxx wrote:
nftables is able to respond to iptables commands through the compatibility layer.
iptables-nft is the packet for you.
Thank you,
I'm glad that's there, but then I have to ask myself, why would I want to
run iptables via nftables through a compatibility layer when I can just run
iptables itself?
The other issue I see there is if a bug or issue pops up. Then is it due to
iptables or the nft compatibility layer?
Either way, I'm glad to know I can still use the tailored setup regardless
of the default. But I do see a downside troubleshooting if a compatibility
layer is involved.
So long as both are packages are offered, it doesn't really matter. You can
install or remove either to your liking. I've been meaning to try the nftables
setup, but haven't had a day or so to set aside to go through everything.
I've got no complaints about the defaults Arch chooses. They always work
out okay.
--
David C. Rankin, J.D.,P.E.
