On Wed, May 14, 2014 at 4:06 PM, Arturo Borrero Gonzalez <arturo.borrero.g...@gmail.com> wrote: > > Just to let you know: nftables is now on Debian [0]. > > Comments are welcome :)
nftables migrated to jessie today, so I gave it a try and so far so good. As I use rather simple iptables config, converting it to the nftables was a piece of cake with the added benefit of being more compact and IMHO more readable than before. For debugging purposes (log action) I was puzzled about not seeing any logged packets in syslog. Fortunately https://home.regit.org/2014/02/nftables-and-netfilter-logging-framework/ helped. There should be some simple guide in the manpage or README.Debian regarding the extra setup of the logging subsystem. As there are some config examples in /etc/nftables, I would appreciate to have subdirectories conf-available and conf-enabled (like Lighttpd or Apache) and a systemd unit to load these at boot time. Cheers, Frank -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAPds5_KGC1FM-NnYN_Kt=AzoJX=pexwulyc5rn5rlnoqm_r...@mail.gmail.com
