On Thursday, 17 October 2024 at 04:31 (-0500), David C. Rankin wrote:
On 10/17/24 3:35 AM, gerard.bigot@xxxxxxxxx wrote:
nftables is able to respond to iptables commands through the compatibility layer.
iptables-nft is the packet for you.
I'm glad that's there, but then I have to ask myself, why would I
want to run iptables via nftables through a compatibility layer when I
can just run iptables itself?
The other issue I see there is if a bug or issue pops up. Then is it
due to iptables or the nft compatibility layer?
It's worth noting that nftables is not a newfangled piece of external
software – it's been mainlined in the Linux kernel since 2013, and was
intended to be the successor to legacy iptables.
Jaron
