Debian 10 - nftables vs iptables
by Wolf.Linux from LinuxQuestions.org on (#54TW5)
Back again with another newb question.
So again, my main goal was to be able to replicate the things I know how to do on Windows since migrating to Linux. One of these is setting up a firewall. I know as a beginner I probably shouldn't be, so I'm told, but I'm moderately paranoid in terms of security, and since this is a laptop I'll probably occasionally be using this in various places. From what I read there's two main ways to set up a firewall: iptables and nftables.
Both seem rather daunting but I'm willing to learn. It also appears from my research that nftables is supposed to replace the "ageing iptables"; on the other hand I hear people still liking iptables. I don't know whether they have deemed it better as veteran *nix users, or out of years of familiarity and are uncomfortable with switching. Now, I know absolutely zero about either, but according to Debian documents when googling nftables:
Quote:
Current status
NOTE: Debian Buster uses the nftables framework by default.
Starting with Debian Buster, nf_tables is the default backend when using iptables, by means of the iptables-nft layer (i.e, using iptables syntax with the nf_tables kernel subsystem). This also affects ip6tables, arptables and ebtables.
You can switch back and forth between iptables-nft and iptables-legacy by means of update-alternatives (same applies to arptables and ebtables).
The default starting with Debian Buster:
# update-alternatives --set iptables /usr/sbin/iptables-nft
# update-alternatives --set ip6tables /usr/sbin/ip6tables-nft
# update-alternatives --set arptables /usr/sbin/arptables-nft
# update-alternatives --set ebtables /usr/sbin/ebtables-nft
Whatever this means. lol
In plain English it seems that Debian 10 uses nftables by default??
So my system information:
Operating System: Debian GNU/Linux 10 (buster)
Kernel: Linux 4.19.0-9-amd64
Architecture: x86-64
Also: Xfce
So my question is,
Which should I learn to use as a new user?
and where should I begin to learn how to use these?
My goal is to harden my laptop as much as possible without going too overboard.
My main issue with a lot of things in Linux seems to be people's inability to make things simple in documentation. There are some that are amazing and simple, and there are some that seem to make my head hurt.
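An added example, not part of the original post or the Debian documentation: a shell check that reports which backend each of the four commands named in the quoted note is wired to, and flags a system where they disagree. The function names are hypothetical, and the check assumes the version banner that iptables 1.8 and later print, e.g. "iptables v1.8.2 (nf_tables)".

```shell
#!/bin/sh
# Added example: which backend do the xtables commands currently use?

# classify_backend: map a version banner, or an alternatives target path,
# to "nft", "legacy" or "unknown" (no backend marker present).
classify_backend() {
    case "$1" in
        *nf_tables*|*-nft|*xtables-nft-multi) echo nft ;;
        *legacy*) echo legacy ;;
        *) echo unknown ;;
    esac
}

# backend_of: ask an installed command for its banner; "missing" if absent.
backend_of() {
    cmd=$1
    command -v "$cmd" >/dev/null 2>&1 || { echo missing; return 0; }
    classify_backend "$("$cmd" --version 2>/dev/null)"
}

# summarize: "mixed" means some commands use nft and others legacy. Rules
# loaded through one backend are not listed by the other, so a mixed setup
# makes it easy to overlook part of the active ruleset.
summarize() {
    seen_nft=0; seen_legacy=0
    for b in "$@"; do
        case "$b" in nft) seen_nft=1 ;; legacy) seen_legacy=1 ;; esac
    done
    if [ "$seen_nft" = 1 ] && [ "$seen_legacy" = 1 ]; then echo mixed
    elif [ "$seen_nft" = 1 ]; then echo nft
    elif [ "$seen_legacy" = 1 ]; then echo legacy
    else echo unknown; fi
}

# report: print one line per command, then the overall verdict.
report() {
    results=""
    for cmd in iptables ip6tables arptables ebtables; do
        r=$(backend_of "$cmd")
        printf '%-10s %s\n' "$cmd" "$r"
        results="$results $r"
    done
    # Word splitting of $results is intentional here.
    echo "overall: $(summarize $results)"
}

report
```
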