Linked by Thom Holwerda on Fri 20th Mar 2009 22:01 UTC, submitted by diegocg
The Netfilter development team's Patrick McHardy has released an alpha version of nftables, a new firewall implementation for the Linux kernel, with a user space tool for controlling the firewall. nftables introduces a fundamental distinction between the user space defined rules and network objects in the kernel: the kernel component works with generic data such as IP addresses, ports and protocols and provides some generic operations for comparing the values of a packet with constants or for discarding a packet.
Permalink for comment 354254
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-11-14
I believe what you suggest is actually not a "firewall" at all, but more in the ballpark of Mandatory Access Control, and it's been in linux for quite some time (and it does much more than that): take a look at SELinux.