On 2/24/20 5:12 PM, Trent W. Buck wrote:
Can't you use "ip netns" (or systemd-nspawn, or docker, or libvirt-qemu) to set up a test network with a test firewall, then send packets into / out of that test environment? OK, it's a bit fiddly to set up, but I don't see why you need any special nftables-specific thing when you can just do regular namespace/container/vm techniques.
HOWTO link?
