Masu bi и Ubuntu masu haɓakawa canza zuwa tsoho fakiti tace .
Don kiyaye daidaituwar baya, ana ba da shawarar amfani da kunshin , wanda ke ba da kayan aiki tare da tsarin layin umarni iri ɗaya kamar iptables, amma yana fassara ƙa'idodin da aka haifar zuwa nf_tables bytecode. Ana shirin haɗa canjin a cikin sakin faɗuwar Ubuntu 20.10.
Wannan shine ƙoƙari na biyu na ƙaura Ubuntu zuwa nftables. An yi ƙoƙari na farko a bara, amma an ƙi saboda rashin dacewa da kayan aikin . Yanzu a cikin LXD tuni tallafi na asali don nftables kuma yana iya aiki tare da sabon fakiti tace baya. Ga masu amfani waɗanda ba su da isassun matakan dacewa, ikon shigar da kayan aiki na gargajiya iptables, ip6tables, arptables da ebtables tare da tsohon baya.
Ka tuna cewa a cikin fakiti tace Abubuwan musaya masu tace fakiti don IPv4, IPv6, ARP da gadoji na cibiyar sadarwa sun haɗu. Kunshin nftables ya haɗa da abubuwan tace fakiti waɗanda ke gudana a cikin sararin mai amfani, yayin da aikin matakin kernel ke samar da tsarin nf_tables, wanda ya kasance wani ɓangare na kernel Linux tun lokacin da aka saki 3.13. Matakan kernel yana ba da keɓantaccen tsari mai zaman kansa kawai wanda ke ba da ayyuka na asali don fitar da bayanai daga fakiti, aiwatar da ayyukan bayanai, da sarrafa kwarara.
Ana tattara ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙayyadaddun ƙa'idodi zuwa cikin bytecode mai amfani-sarari, bayan haka ana loda wannan bytecode a cikin kernel ta amfani da mahallin Netlink kuma a aiwatar da shi a cikin kernel a cikin na'ura ta musamman mai kama da BPF (Berkeley Packet Filters). Wannan tsarin yana ba da damar rage girman lambar tacewa da ke gudana a matakin kernel kuma motsa duk ayyukan ƙa'idodi da dabaru na aiki tare da ka'idoji zuwa sararin mai amfani.
source: budenet.ru