<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>As much as I was fighting to find a worthy, Linux-based firewall
distro for our office that was feature-rich, and still free, I
came to conclude that the BSD-based "OpnSense" was a fantastic
pfSense fork and my best option. We'd used Endian in the past,
but it was far too simple for some of our VLAN needs, and I had to
standardize on something.</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 1/31/2019 4:43 PM, Jim Kinney via
Ale wrote:<br>
</div>
<blockquote type="cite"
cite="mid:69f301d8e7edca0956753e0923bc63b8c3551a67.camel@gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>Hmm. Looks like iptables has not been dropped. My Fedora 29
installs:</div>
<div><br>
</div>
<div>nftables-0.9.0-2.fc29.x86_64</div>
<div>ebtables-2.0.10-28.fc29.x86_64</div>
<div>iptables-1.8.0-3.fc29.x86_64</div>
<div><br>
</div>
<div>Apparently the different tools can all be used to manipulate
the netfilter subsystem in the kernel.</div>
<div><br>
</div>
<div>But, yes, for some loosely defined value of "using", you are
correct that nftables is the replacement.</div>
<div><br>
</div>
<div>By the time I wrap my head of _that_ it will all be run in
systemd anyway so I won't need to do anything :-}</div>
<div><br>
</div>
<div>On Thu, 2019-01-31 at 15:03 -0600, Preston via Ale wrote:</div>
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px
#729fcf solid;padding-left:1ex">
<pre>On 1/26/2019 8:17 PM, Jim Kinney via Ale wrote:</pre>
<pre><snipped></pre>
<pre>
</pre>
<blockquote type="cite" style="margin:0 0 0 .8ex;
border-left:2px #729fcf solid;padding-left:1ex">
<pre>The firewall was overdue for replacement... This is done with several iptables entries for nat and port</pre>
<pre>forwarding.</pre>
</blockquote>
<pre>
</pre>
<pre>Wait, I thought we were supposed to be using nftables nowadays.</pre>
<pre>
</pre>
<pre>Preston</pre>
<pre>
</pre>
</blockquote>
<div><span>
<pre><pre>--
</pre>James P. Kinney III
Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
<a class="moz-txt-link-freetext" href="http://heretothereideas.blogspot.com/">http://heretothereideas.blogspot.com/</a>
</pre>
</span></div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Ale mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Ale@ale.org">Ale@ale.org</a>
<a class="moz-txt-link-freetext" href="https://mail.ale.org/mailman/listinfo/ale">https://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a class="moz-txt-link-freetext" href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</pre>
</blockquote>
<div class="moz-signature">-- <br>
<div style="color: rgb(36, 91, 126); font-size: 11pt;">Brian W.
Neu<br>
Principal<br>
Advanced Open Systems, Inc.<br>
<span style="font-style: italic;">Technology Applied for
Business</span><br>
aosystems1 (skype)<br>
678.310.7890 (w) <br>
404.452.0043 (c)
</div>
</div>
</body>
</html>