Re: Nftables in jessie?
On 8 May 2014 19:16, Frank Bauer <frank.c.bauer@gmail.com> wrote:
> Hi,
>
> Jessie currently contains linux 3.13, which includes the successor of
> iptables - nftables.
> Unfortunately, the userspace tools (nftables) are still missing even in
> sid/experimental.
>
As Vincent Bernat said, is in NEW. Has been in NEW for a month or so.
> Is there a general plan to support nftables in jessie? As the release
> managers reminded
> us recently, the freeze will be here in no time. I believe it is essential
> for users to be able
> to test this new technology in jessie before fully switching to it in
> jessie+1.
>
Unfortunately, there isn't a 'general plan'.
I mean, the package will be uploaded and maintained. But no talk
happened about what means having nftables in Debian.
I think the following points may be interesting:
* in which state/shape is the nftables framework?
* what about the iptables and the compat layer? The next upstream
release of iptables will, by default, use the nf_tables kernel
subsystem.
* what about a standard firewall service (like other distros do).
iptables also lacks of it.
* Some bugs happened in the Debian kernel package, and the kernel
currently in Jessie comes without nf_tables enabled [0].
Thanks for your interest Frank.
I would like to hear suggestions, comments and ideas.
regards.
[0] #742763 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742763
--
Arturo Borrero González
Reply to: