I came across this blog, from Jonathan Corbet, dated Feb 19th, 2018.
BPF Comes to Firewalls, by Jonathan Corbet
I found this rather fascinating, since I was aware that nftables seemed pre-ordained to be the successor to iptables. I had even purchased and read Steven Suehring's Linux Firewalls book, which covers both iptables and nftables.
At the end of the day, I only see iptables and firewalls based on iptables (e.g. FirewallD) being used. I have not encountered any nftables firewalls yet.
And the other noted point is that nftables IS in the current version of the Linux Kernel. BPF is not.
But can BPF come into Linux distributions alongside nftables soon, and wind up replacing nftables?
That is the question.
Another interesting blog post addressing the impetus of BPF is this one:
why-is-the-kernel-community-replacing-iptables