Erich Titl <erich.t...@think.ch> wrote:

> But back to shorewall, do you see any way
> your work could be carried on?

One of the issues is that iptables is being deprecated. AIUI, it's already to 
the stage where nft must be installed and ipt cmd line tools are being 
relabelled *-legacy - and they call translation tools to translate ipt calls 
into nft. Or something like that.
There's also the bpf package that looks like it might be better - but it's only 
at an early stage.

Whatever happens, Shorewall as it is now will be obsolete. It would need 
someone with a good skill set (which rules me out) to determine which parts can 
be re-used, and to write new translators to convert the Shorewall configs into 
whatever packet filtering system ends up becoming "the standard".

So given that there's this huge "end of the line" sign up for iptables-based 
tools, seems like a good time for Tom to be stopping the train. He's driven it 
well for a good time - and I think we all agree he has saved us all a heck of a 
lot of pain over the years.



_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
