Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:iptables [2019-12-08 Sun wk49 12:06] baumkplinux_router:iptables [2023-04-30 Sun wk17 17:43] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +{{tag>linux router firewall IPTables}}
 =====IPTables Configuration===== =====IPTables Configuration=====
  
-I went down the route of attempting to configure the firewall using NFtables. NFTables has some nice features that look to make it more user friendly than IPTables. That being said for those already familiar with IPTables this will not be the case. Furthermore, on larger, more complex installs NFTables looks to have some significant technical advantages over IPTables, but these benefits are probably less significant on my smaller undertaking. +I went down the route of attempting to configure the firewall using NFtables. NFTables has some nice features that look to make it more user friendly than IPTables. On larger, more complex installs NFTables looks to have some significant technical advantages over IPTables, but these benefits are probably less significant on my smaller undertaking. That being said for those already familiar with IPTables this will not be the case. 
 + 
 +As of year ending 2019 general support and functionality of NFTables is much improved.  That being said overall information and support for IPTables is more comprehensive.  Application packages such as Docker and Fail2ban basically still have default enbedment of IPTables with use of NFTables required greater care and effort
  
 <fs smaller>Unfortunately the package version supplied with Ubuntu 16.04 was released in 2015-11, and during my configuration I found some bugs. Also mss clamping is not supported in this version. I tried the Ubuntu 18.04 development version and the previous noted bugs were no longer apparent and mss clamping was supported.</fs> <fs smaller>Unfortunately the package version supplied with Ubuntu 16.04 was released in 2015-11, and during my configuration I found some bugs. Also mss clamping is not supported in this version. I tried the Ubuntu 18.04 development version and the previous noted bugs were no longer apparent and mss clamping was supported.</fs>
Line 107: Line 110:
   *''iptable -L'' , lists the tables, by default the filter table. To list the nat table, add ''-t nat''. For more verbose information, add ''-v''   *''iptable -L'' , lists the tables, by default the filter table. To list the nat table, add ''-t nat''. For more verbose information, add ''-v''
  
-  *< linux_router:nftables|Prev page ^ linux_router:start|Start page ^ linux_router:nftables|Next page ->+---- 
 + 
 +  *< linux_router:nftables_control|Prev page ^ linux_router:start|Start page ^ linux_router:DNS_DHCP|Next page ->