Jump to content

Nftables: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
DSisyphBot (talk | contribs)
m r2.7.2) (Robot: Removing pt:Nftables
No edit summary
Line 21: Line 21:
| size =
| size =
| language =
| language =
| status = Unmaintained
| status = In development
| genre = [[Firewall (computing)|packet filtering]]
| genre = [[Firewall (computing)|packet filtering]]
| license = [[GNU General Public License|GPL (version 2)]]
| license = [[GNU General Public License|GPL (version 2)]]
| website = [http://netfilter.org/projects/nftables/ netfilter.org/projects/nftables] (removed in 2009)
| website = [http://netfilter.org/projects/nftables/ netfilter.org/projects/nftables] (removed in 2009)
}}
}}
'''nftables''' was an engine and administration tool for packet filtering and classification for [[Linux]], intended to replace [[iptables]]. The project stayed in alpha stage and seemed to be abandoned (no new development since July 2010) and the official website was removed in 2009. In March 2010, emails from the author on the project mailing lists showed the project was still active and approaching a beta release<ref>http://www.spinics.net/lists/netfilter-devel/msg12409.html</ref><ref>http://www.spinics.net/lists/netfilter-devel/msg15690.html</ref>, but the latter was never shipped officially.
'''nftables''' is an engine and administration tool for packet filtering and classification for [[Linux]], intended to replace [[iptables]]. The project stayed in alpha stage and the official website was removed in 2009. In March 2010, emails from the author on the project mailing lists showed the project was still active and approaching a beta release<ref>http://www.spinics.net/lists/netfilter-devel/msg12409.html</ref><ref>http://www.spinics.net/lists/netfilter-devel/msg15690.html</ref>, but the latter was never shipped officially. In October 2012, Pablo Neira Ayuso proposed an compatibility for iptables <ref>http://www.spinics.net/lists/netfilter-devel/msg23831.html</ref> and announced a possible inclusion of the project into mainstream kernel.


The author of nftables is Patrick McHardy, who is also the maintainer of [[netfilter]].
The author of nftables is Patrick McHardy, who is also the maintainer of [[netfilter]].

Revision as of 06:54, 26 October 2012

Original author(s)Patrick McHardy
Developer(s)Patrick McHardy
Stable release
0.01-alpha1 / March 18, 2009; 15 years ago (2009-03-18)
Preview release
Repository
Written inC
Operating systemLinux
Typepacket filtering
LicenseGPL (version 2)
Websitenetfilter.org/projects/nftables (removed in 2009)

nftables is an engine and administration tool for packet filtering and classification for Linux, intended to replace iptables. The project stayed in alpha stage and the official website was removed in 2009. In March 2010, emails from the author on the project mailing lists showed the project was still active and approaching a beta release[1][2], but the latter was never shipped officially. In October 2012, Pablo Neira Ayuso proposed an compatibility for iptables [3] and announced a possible inclusion of the project into mainstream kernel.

The author of nftables is Patrick McHardy, who is also the maintainer of netfilter.

The project aims included:

The currently used iptables, ip6tables, arptables, and ebtables (IPv4, IPv6, ARP, and Ethernet bridging) were to be replaced with a single unified implementation, nftables, implemented at the top of a custom virtual machine.

The project was first publicly presented on Netfilter Workshop in September 2008 in Paris. The first preview release of kernel and userspace implementation was given in March 2009[4]. Although the tool has been called, "...the biggest change to Linux firewalling since the introduction of iptables in 2001", it has received little press.[5] Notable hacker Fyodor Vaskovich (Gordon Lyon) said that he is "looking forward to its general release in the mainstream Linux kernel."[5]

References

  1. ^ http://www.spinics.net/lists/netfilter-devel/msg12409.html
  2. ^ http://www.spinics.net/lists/netfilter-devel/msg15690.html
  3. ^ http://www.spinics.net/lists/netfilter-devel/msg23831.html
  4. ^ initial release announcement
  5. ^ a b Gray, Patrick (March 26, 2009). "NEWS: Linux Gets New Firewall". Risky.biz.