Iyo yekirasi packet filter management toolkit iptables 1.8.10 yakaburitswa, budiriro ichangobva kutarisa kune zvikamu zvekuchengetedza kumashure kuenderana - iptables-nft uye ebtables-nft, ichipa zvishandiso zvine imwechete yekuraira mutsara syntax semu iptables uye ebtables, asi kushandura mitemo inoguma mu nftables bytecode. Iyo yekutanga seti yezvirongwa zve iptables, kusanganisira ip6tables, arptables uye ebtables, zvakadzikiswa muna 2018 uye zvakatotsiviwa nenftables mukugovera kwakawanda.
Mushanduro itsva:
- The xtables-translate utility yakawedzera tsigiro yemitemo yekuisa inotsanangura nhamba yeindex (yakashandurwa kuita ntf mitemo 'insert rule ... index N').
- Yakawedzera rutsigiro rwebroute (bhiriji nzira) matafura kune ebtables-nft.
- Iyo debugging yekubuda kweiyo nft-variants utility, inogoneswa nekutsanangura iyo "-v" sarudzo kakawanda, inoratidza iripo seti.
- Yakawedzerwa rutsigiro rwemazita "mld-muteereri-mubvunzo", "mld-muteereri-report" uye "mld-muteereri-aitwa" kureva ICMPv6 meseji mhando 130, 131 uye 132.
- Inove nechokwadi chekuti "meta mark" mataurirwo akapatsanurwa nemazvo uye anoshandurwa kuita "-j MARK" mitemo, inogona kudikanwa kusanganisa nftables uye iptables-nft mutafura imwechete.
- Zvikanganiso zvakaunganidzwa zvakabviswa.
Source: opennet.ru