On 2/19/20 3:41 PM, Stephen Satchell wrote:
I'm concerned that Centos 8 is using a pre-release version of nftables.
So, with China starting to ramp up its network penetration, I'm going to set aside CentOS 8 and instead bring up Centos 7.6 and continue to use IPTABLES with my existing ruleset, with my BCP-38 addition to NetworkManager plus turning on rp_filter.
Once the NFTABLES project reached 1.0 or so (wait for 1.1?) and it's in the CentOS 8 respositories, I can spin up a CentOS 8 instance and start experimenting.
