@[email protected] I'm not sure if they've switched to nftables by default yet, they might have, maybe it's worth checking if they have any nftables rules defined or something weird
Posts
-
I'm kinda pissed that my arcane knowledge of iptables that was acquired decades ago now has to be replaced with an understanding of nftables. -
I'm kinda pissed that my arcane knowledge of iptables that was acquired decades ago now has to be replaced with an understanding of nftables.@[email protected] if the distro is new and uses nftables, like fedora or something, it might be doing strange things like that
-
I'm kinda pissed that my arcane knowledge of iptables that was acquired decades ago now has to be replaced with an understanding of nftables.@[email protected] but also nftables is syntactically very similar, which helps a lot at least lol
-
I'm kinda pissed that my arcane knowledge of iptables that was acquired decades ago now has to be replaced with an understanding of nftables.@[email protected] I learned something cursed when researching the transition of these things, which is that the linux kernel can load both iptables and nftables rules at the same time, on the same machine, and nftables rules take precedence but fall back to iptables afterwards
imagine trying to debug a system that you thought was using iptables but actually has a secret nftables rule inserted before iptables even sees the packet.. all the iptables rules would be totally correct, because the filtering happens earlier on