Kutevera ΠΈ Ubuntu vagadziri chinja kune default packet filter .
Kuti uchengetedze kumashure kuenderana, zvinokurudzirwa kushandisa package , iyo inopa zvishandiso zvine imwechete yekuraira mutsara syntax se iptables, asi inoshandura iyo inoguma mitemo mu nf_tables bytecode. Shanduko iyi yakarongwa kuverengerwa mukudonha kuburitswa kweUbuntu 20.10.
Uku ndiko kuyedza kwechipiri kutamisa Ubuntu kune nftables. Kuedza kwekutanga kwakaitwa gore rapfuura, asi kwakarambwa nekuda kwekusapindirana neturusi . Iye zvino muLXD nechekare Tsigiro yemuno yenftables uye inogona kushanda neiyo nyowani packet kusefa backend. Kune vashandisi vasina kukwana zvakakwana kuenderana layer, kugona kuisa classic utilities iptables, ip6tables, arptables uye ebtables ine yekare backend.
Rangarira kuti mune sefa yepakiti Packet filtering interfaces ye IPv4, IPv6, ARP uye network mabhiriji akabatanidzwa. Iyo nftables package inosanganisira packet filter zvikamu zvinomhanya munzvimbo yemushandisi, nepo kernel-level basa rinopihwa nenf_tables subsystem, yanga iri chikamu cheLinux kernel kubva pakaburitswa 3.13. Iyo kernel level inopa chete generic protocol-yakazvimirira interface inopa zvakakosha mabasa ekubvisa data kubva pamapakiti, kuita data mashandiro, uye kuyerera kuyerera.
Iyo yekusefa inotonga pachayo uye maprotocol-chaiwo mabati anounganidzwa muuser-space bytecode, mushure meiyo bytecode inoiswa mukernel uchishandisa iyo Netlink interface uye inouraiwa mukernel mune yakakosha muchina wakafanana neBPF (Berkeley Packet Filters). Iyi nzira inoita kuti zvikwanise kudzikisa zvakanyanya saizi yekusefa kodhi inomhanya padanho re kernel uye kufambisa mabasa ese emitemo yekuparadzanisa uye pfungwa yekushanda nemaprotocol munzvimbo yemushandisi.
Source: opennet.ru