Re: Waiting until first release of NFTABLES

On 2/24/20 1:25 AM, Reindl Harald wrote:
> On 24.02.20 at 06:02, Stephen Satchell wrote:
>> As for other packages with version numbers of 0.x, I'm not all that
>> concerned in a firewall router for anything except the firewall facility
>> itself.  This router will have, as its sole job, filtering incoming and
>> outgoing packets to my upstream.
>
> 1.0 versions in the opensource world typically stand for "feature
> complete" and you couldn't care less about features developers are
> planning when you don't miss and use them
>
> besides that "nftables" is not the "firewall facility itself", it's the
> package with the userland tools
>
> the kernel does the filtering and has no version 0.9 for decades

"A chain is as strong as its weakest link." libnftables.c doesn't carry a version number in its source, so I don't know what release level it's at.

One thing I would love is a way of injecting packets into a userland test tool that reports what nftables did with it. If I had such a tool, I would be more inclined to use a 0.x version because I could verify that the code plus ruleset is doing what it's supposed to do.

Yes, I know that a number of IP et al filters don't have a quality check feature. (Run into this all the time with Cisco routers, for example.)



