Quentin Demouliere  
@feld
Ok. I don't know IPFW. I use PF on FreeBSD and OpenBSD. I love the syntax of PF. It's so better than Netfilter.
@kravietz
1
kravietz πŸ¦‡  

@qdemouliere @feld

iptables is totally screwed up, but have you tried nftables?

I've converted all my Linux servers to nftables specifically due to its syntax similarity to BSD

1
Loweel  
@kravietz @qdemouliere @feld

may I ask you to expand the similarity between nftables and pf?
1+
Quentin Demouliere  
@loweel @kravietz @feld I read quickly documentation about nftables but i know better iptables. And since i tried PF, i lost interest for Netfilter.
1
Loweel  
@qdemouliere @feld @kravietz

I understand that. I was just curious about how nftables was "similar to BSD pf".....I am not arguing, I just ask....

Perhaps the good of iptables was the one-liner capability (in some cases), while it looks like this is somehow limited in nftables...
1
kravietz πŸ¦‡
Follow

@loweel @feld @qdemouliere

No, you can do both in nftables. Either command-line one liners:

nft add element inet main ossec4 { 10.10.10.10, 10.10.10.20 }

Or the same in config file format which is more suitable for atomic loads.

Β· Β· 0 Β· 0 Β· 0
Sign in to participate in the conversation
Mastodon πŸ” privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!

Resources

Developers

What is Mastodon?

social.privacytools.io

More…