Re: is nft running? how do I get info?

To: debian-user@lists.debian.org
Subject: Re: is nft running? how do I get info?
From: songbird <songbird@anthive.com>
Date: Tue, 25 Apr 2023 11:52:28 -0400
Message-id: <[🔎] si9lhj-7nf.ln1@anthive.com>
Reply-to: songbird <songbird@anthive.com>
References: <[🔎] AM6PR04MB5095B677D639F72F9A6AB0CA9D679@AM6PR04MB5095.eurprd04.prod.outlook.com> <[🔎] sm0354pfho5.fsf@lakka.kapsi.fi> <[🔎] AM0PR04MB5089032B28E70008ECACE0E99D649@AM0PR04MB5089.eurprd04.prod.outlook.com> <[🔎] AM0PR04MB508903F5097A9EF1079536569D649@AM0PR04MB5089.eurprd04.prod.outlook.com> <[🔎] ZEfN+a8iObId2eff@axis.corp> <[🔎] AM0PR04MB5089FFE0F49C48D0E3B1F4DC9D649@AM0PR04MB5089.eurprd04.prod.outlook.com>

Bonno Bloksma wrote:
...
> Why, now that we are at bookworm, is the nftables service not enabled by default? With a default ruleset that pretty much leaves it all open but is a starting point.
> If we do not want that, then at least the default config should contain a warning about first enabling the service or scripting something to have it working (after a reboot).
>
> I think this is the first time I have come across something in Debian that after being installed by default does nothing, even when provided with a valid config file at the proper location.
> I consider that a bug.
>
> Here is something similar.
> Consider opening your door with a key. Every time you open the door with the key it opens. All is well, you bought the cylinder and key for the lock at a very good locksmith. You told him you had been installing cylinders In doors for years and you were able to insert this cylinder in the door.
> Until sometime later you find out the door never locks, it is always open, that is why you could always enter.
> It turns out you first need to enable the cylinder before it did something useful with the key provided.
> That was something completely new, you never heard of it before, neither do I though. ;-)
>
> Bonno Bloksma

  not everyone wants a firewall installed on their system
(non-desktop users or embedded systems being two examples
that easily come to mind).

  i think for most desktop installs there should be a minimal
firewall installed but then you get into the issue of which one?

  personally i run ufw.


  songbird

Reply to:

References:
- is nft running? how do I get info?
  - From: Bonno Bloksma <b.bloksma@tio.nl>
- Re: is nft running? how do I get info?
  - From: Anssi Saari <as@sci.fi>
- RE: is nft running? how do I get info?
  - From: Bonno Bloksma <b.bloksma@tio.nl>
- RE: is nft running? how do I get info?
  - From: Bonno Bloksma <b.bloksma@tio.nl>
- Re: is nft running? how do I get info?
  - From: David Wright <deblis@lionunicorn.co.uk>
- RE: is nft running? how do I get info?
  - From: Bonno Bloksma <b.bloksma@tio.nl>

Prev by Date: Re: Debian installation using debootstrap and grub-install - no entry in ESC boot menu
Next by Date: Re: AW: EPSON ET M 1120 new printer: If You can read this, you areusing the wrong driver
Previous by thread: RE: is nft running? how do I get info?
Next by thread: Re: is nft running? how do I get info?
Index(es):
- Date
- Thread