Nftables, successor to iptables
Submitted by Ranjith Rajaram (@ranjithrajaram) on Monday, 4 February 2019
Technical level: Beginner
Nftables is a new packet classification framework that aims to replace the existing iptables, ip6tables, arptables and ebtables facilities. In this session, we will review the differences between ip*tables and nftables. In the modern world of IaaS, PaaS and SaaS, iptables plays an important role in establishing connections between two distinct objects or from the external world. With the latest update release of all major Linux distributions, iptables is in a deprecated state. So it is important for system administrators, system developers and integrators to get started with the basics of nftables and understand the important features that this packet classification framework brings to the table. This will be a basic introductory session that will enable you to successfully adopt nftables.
What is nftables?
Why is nftables replacing iptables?
A few examples of nftables rules to demonstrate basic tasks
Integration of nftables with firewalld
Migrating existing iptables to nftables format
Ranjith Rajaram is a Linux evangelist and an advocate of libre software. He works for Red Hat as a technical lead. He has 16 years of experience in implementing Linux servers for complex workloads.
He has presented papers at KubeCon Europe and many other international conferences.