Hacker News
Iptables Basics (jvns.ca)
43 points by unmole on June 9, 2017 | 4 comments



iptables is the standard currently, but I'd suggest learning nftables. nftables is meant to replace iptables everywhere.

It might take time for it to gain the same usage as iptables, but it is currently a drop-in replacement for iptables on many distros. Relevant discussion here: https://news.ycombinator.com/item?id=14286016

Also: https://developers.redhat.com/blog/2016/10/28/what-comes-aft...


Nod.

iptables is old and awful.

nftables has been around for quite some time, and is now part of pretty much all distributions, including Debian. It's way cleaner and easier to use.

There are no reasons to stick to iptables in 2017.


They also cover L2 filtering, done traditionally with ebtables. You get both for the better price of one.


It's inconvenient that something so important is so hard to understand and manage.



