Arturo Borrero, mai haɓaka Debian wanda ke cikin ɓangaren Netfilter Project Coreteam kuma mai kula da fakitin da suka danganci nftables, iptables da netfilter akan Debian, matsar da babban sakin na gaba na Debian 11 don amfani da nftables ta tsohuwa. Idan an yarda da tsari, fakiti tare da iptables za a koma zuwa rukunin zaɓuɓɓukan zaɓi waɗanda ba a haɗa su cikin ainihin fakitin ba.
Fitar fakitin Nftables sananne ne don haɗewar fakitin tace musaya don IPv4, IPv6, ARP da gadoji na cibiyar sadarwa. Nftables yana ba da ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun tsari a matakin kwaya wanda ke ba da ayyuka na asali don ciro bayanai daga fakiti, yin ayyukan bayanai, da sarrafa kwarara. Ana tattara ma'anar tacewa kanta da ƙayyadaddun ƙa'idodin ƙa'ida zuwa bytecode a cikin sarari mai amfani, bayan haka ana loda wannan bytecode a cikin kernel ta amfani da mahallin Netlink kuma a aiwatar da shi a cikin injin kama-da-wane na musamman wanda ke tunawa da BPF (Berkeley Packet Filters).
Ta hanyar tsoho, Debian 11 kuma yana ba da tsayayyen Tacewar wuta, wanda aka ƙera azaman abin rufewa a saman nftables. Firewalld yana gudana azaman tsarin baya wanda ke ba ku damar canza ƙa'idodin tace fakiti ta hanyar DBus ba tare da sake shigar da ka'idodin tace fakiti ko karya kafaffen haɗin gwiwa ba. Don sarrafa Tacewar zaɓi, ana amfani da mai amfani Firewall-cmd, wanda, lokacin ƙirƙirar dokoki, ba a dogara da adiresoshin IP ba, musaya na cibiyar sadarwa da lambobin tashar jiragen ruwa, amma akan sunayen sabis (alal misali, don buɗe damar shiga SSH kuna buƙatar. gudanar da "firewall-cmd -add -service = ssh", don rufe SSH - "firewall-cmd -remove -service=ssh").
source: budenet.ru