Re: nft newbie
On Sat 9 Jul 2022, at 07:17, Gareth Evans <donotspam@fastmail.fm> wrote:
[...]
> If there is no drop by default, why add "policy accept" for
> related/established as it does? Doesn't this happen anyway?
I suppose this probably modifies behaviour for otherwise closed ports (which would make sense for a firewall!) but I can't find much of a high-level overview in documentation - man nft, wiki.
I would still be grateful for thoughts from experienced nft users if any issues seem to arise from the lack of qualified "policy drop" in input. Also for any good nft/netfilter overview articles etc.
Thanks,
Gareth
Reply to: