Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nftables support on linux #52

Open
hvenev opened this issue Sep 21, 2016 · 2 comments
Open

nftables support on linux #52

hvenev opened this issue Sep 21, 2016 · 2 comments

Comments

@hvenev
Copy link

hvenev commented Sep 21, 2016

It would be nice to use it instead as it's meant to replace *tables.
@ghost
Copy link

ghost commented Nov 14, 2016

nftables has been around quite a long time, and it's always been slated as the "replacement" for iptables. I don't think there's any significant momentum in this regard.

That being said.. the adaptation of nftables to Comcast rule generation wouldn't be all that difficult.

Most of the heavy lifting is done with TC. TC still exists with an nftables system. We'd only have to replace the functionality to bind the filter rules to the queue set up by TC. Really, the only thing iptables does is classify the packet in postrouting to target it at the TC class.

There's some way to do that in nftables, we'd just need to figure out that command and template it and add it as an option (similar to how we switch between iptables and ip6tablkes).

@q2dg
Copy link

q2dg commented Sep 12, 2022

Well, nowadays resolving this issue is mandatory

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hvenev @q2dg