If you’re not aware that the next kernel version will replace iptables by nftables, it’s time to learn on how it works, what are the features, why the change and how to use it.

If like me, you love PF, you’ll be pleased to find a similar syntax on NFtables ! To have a good introduction on it, look at those slides :

  1. Do you think that the tools like Shorewall, that is generating iptables syntax, will be adapted ?

    • I don’t know. The syntax is completely different so it depends if those kind of software is still maintained or not. At start shorewall, was built (if I remember well) because of a lack of simplicity. NFtables is really easier so I don’t see the interest of this kind of apps anymore.

