Re: nftables&iptables coexistence


 



On 18 June 2014 21:49, Fejes József <jozsef.fejes@xxxxxxxxx> wrote:
> Hi,
>
> I would like to start using nftables, but I'm playing with a headless
> box and it would be too inconvenient if I locked myself out, so let me
> ask this one safety question before I start experimenting. I have lots
> of iptables rules. If I compile nftables into my kernel, and also
> leave iptables there, and reboot, what will happen? Will packets go
> through both iptables and nftables? In what order? Without any
> configuration from user space, does nftables pass along each packet
> without intervention?
>

I would not recommend mixing two different rulesets from two different
frameworks.
It is an experimental situation, and your server networking can be hurt.

While the next version of iptables (userspace) is expected to natively
use the nf_tables kernel subsystem, the latest iptables (1.4.21) still
uses its own subsystem.

That being said, test it and get back to the list with the results :-)

regards.
-- 
Arturo Borrero González



