Kutsatira ΠΈ Madivelopa a Ubuntu sinthani kukhala fyuluta ya paketi yokhazikika .
Kuti mupitirize kuyanjana m'mbuyo, tikulimbikitsidwa kugwiritsa ntchito phukusi , yomwe imapereka zothandizira ndi mawu ofanana a mzere wa lamulo monga iptables, koma amamasulira malamulowo kukhala nf_tables bytecode. Kusinthaku kukukonzekera kuphatikizidwa pakutulutsidwa kwa Ubuntu 20.10.
Uku ndiye kuyesa kwachiwiri kusamutsa Ubuntu kupita ku nftables. Kuyesera koyamba kunachitika chaka chatha, koma adakanidwa chifukwa chosagwirizana ndi zida . Tsopano mu LXD kale thandizo lachilengedwe la nftables ndipo imatha kugwira ntchito ndi kusefa kwa paketi yatsopano. Kwa ogwiritsa ntchito omwe alibe gawo lokwanira lolumikizana, Kutha kukhazikitsa ma iptables apamwamba, ma ip6tables, ma arptables ndi ma ebtable okhala ndi backend yakale.
Kumbukirani kuti mu paketi fyuluta Zosefera paketi za IPv4, IPv6, ARP ndi milatho yama network alumikizidwa. Phukusi la nftables limaphatikizapo zosefera za paketi zomwe zimagwira ntchito pamalo ogwiritsira ntchito, pomwe ntchito ya kernel imaperekedwa ndi nf_tables subsystem, yomwe yakhala gawo la Linux kernel kuyambira kutulutsidwa kwa 3.13. Mulingo wa kernel umapereka mawonekedwe odziyimira pawokha a generic protocol omwe amapereka ntchito zoyambira kuchotsa deta m'mapaketi, kuchita ma data, ndikuwongolera kuyenda.
Malamulo osefera ndi ogwiritsira ntchito ma protocol amapangidwa kukhala bytecode mu malo ogwiritsira ntchito, pambuyo pake bytecode iyi imayikidwa mu kernel pogwiritsa ntchito mawonekedwe a Netlink ndi kuphedwa mu kernel mu makina apadera omwe amakumbukira BPF (Berkeley Packet Filters). Njirayi imakuthandizani kuti muchepetse kwambiri kukula kwa code yosefera yomwe ikuyenda pamlingo wa kernel ndikusuntha ntchito zonse za malamulo ophatikizira ndi malingaliro ogwirira ntchito ndi ma protocol mu malo ogwiritsa ntchito.
Source: opennet.ru