Linked by Thom Holwerda on Fri 20th Mar 2009 22:01 UTC, submitted by diegocg
The Netfilter development team's Patrick McHardy has released an alpha version of nftables, a new firewall implementation for the Linux kernel, with a user space tool for controlling the firewall. nftables introduces a fundamental distinction between the user space defined rules and network objects in the kernel: the kernel component works with generic data such as IP addresses, ports and protocols and provides some generic operations for comparing the values of a packet with constants or for discarding a packet.
RE: And yet another packet filter
by WereCatf on Sat 21st Mar 2009 10:44 UTC in reply to "And yet another packet filter"

Anyone else annoyed with the Linux mentality of "swap sub-systems ad nauseam until we magically hit upon something that works"? First it's ipfwadm, then ipchains, then iptables, now nftables. What's next?

Nope, I ain't annoyed in the least. It's just logical to try several different ways to reach a goal and choose the one which seems to work the best. That's what they did with f.ex. the USB subsystem. It didn't work too well in the past, now it's working just peachy.

But, looking at your previous comments you've got an axe to grind with Linux and you're just trying to troll here in favor of BSD. Just leave it be and provide something meaningful to the conversation, mmkay?

Score: 5