
Re: nftables howto?

Curt <curty@xxxxxxx> writes:

> On 2018-10-28, Kamil Jońca <kjonca@xxxxxxxxxxxxxx> wrote:
>> Recent upgrade surprised me with iptables->nftables migration.
>> I understand I should prepare to migrate, but I cannot find
>> comprehensive documentation of nftables.
>> For example:
>> In my ipsec updown script I have something like:
>> --8<---------------cut here---------------start------------->8---
>> iptables -I INPUT -i ${PLUTO_INTERFACE}  -m policy --dir in  --pol ipsec --reqid  $PLUTO_REQID   -j ipsec-in-${PLUTO_REQID}
>> --8<---------------cut here---------------end--------------->8---
>> Where can I read how to translate it to nftables? (especially --reqid)
>> Or how can I write an updown script which inserts some rules when client
>> connects, and "purge" them on disconnect?
>> KJ
> I found this rather rapidly:
> https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables
> I don't know if it addresses your specific issue, but good luck anyhow.

I read it.
I also read https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
(and subpages)

But I think that I missed something important.


I came, I saw, I deleted all your files.