nft bewilderment

To: debian-user <debian-user@lists.debian.org>
Subject: nft bewilderment
From: ghe <ghe@slsware.net>
Date: Tue, 5 May 2020 10:57:24 -0600
Message-id: <[🔎] a9363f54-b318-ed3d-f5f1-3018b80e5752@slsware.net>

Buster, Supermicro desktop, nft noob

Can anyone recommend a book or website with a thorough explanation of
nft (the iptables replacement)?

I'm working on rewriting my aged packet filter shell script (big and
from the ipchains days) with nft and python. I've spent several hours on
the web, and I've found lots of info about nft, but nowhere have I come
across a plain and straightforward explanation -- lots of 'how nft is a
huge improvement over iptables', but very little about why or what
things mean or what's necessary to make things happen.

So far, the best I've been able to do is just change the commands in
examples and test them to see what happens.

Like, for one example: What's a 'base chain', what's not, why do both
exist, what's the functional difference, what do the various components
of the command line mean, etc.

-- 
Glenn English

Reply to:

Follow-Ups:
- Re: nft bewilderment
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

Prev by Date: Re: armhf: buster: TLS / HTTPS partly broken
Next by Date: Re: nft bewilderment
Previous by thread: Re: Cannot display this video mode
Next by thread: Re: nft bewilderment
Index(es):
- Date
- Thread