Hi, 20 juin 2020 à 16:24 de tom.brow...@gmail.com:
> I see it's recommended that Buster users use nftables, but the default > installation still uses iptables! > True & false. Actually, as explained on https://wiki.debian.org/nftables, Buster uses an "iptables-nft layer (i.e, using iptables syntax with the nf_tables kernel subsystem). This also affects ip6tables, arptables and ebtables." > I need to change ports on my new remote server to allow http and https > traffic, but should I keep using iptables? Or should I remove iptables > and install nftables first? > You decide. iptables is being progressively superseded by nftables. However, the former is still heavily used. nftables is the future, that's why I've chosen it. But it requires a little more effort (new syntax) if you are used to iptables, even if it's considered easier and that some tools help regarding the migration... > If I keep iptables, should I add a firewall management program like > ufw or something else? Is there something like ufw for nftables? > Again you decide considering what you are comfortable with. I don't think ufw works with nftables but you have firewalld instead that works with both I've been told. Or you can use nftables directly... Best regards, l0f4r0
