by Spivak 1135 days ago
Hot damn this list is fantastic, I have exactly 0 complaints. All this stuff has been more than a decade in the making for removal.

I was and still am worried about IBM meddling, but Fedora/Red Hat is still killing it in pushing Linux forward and being the biggest driver for ecosystem-wide changes.

🫡 to iptables for being with us so long, but the future of programmable declarative firewall rules is so unbelievably worth it.

2 comments

That's the first time I've seen an emoji on HN; are emojis even allowed here (technically)?
There is a filter to remove them, but it's not catching all of them.
♥ - I suspect the newest ones aren’t caught?

🫸🫨🫷

What's the ubiquitous replacement for iptables? Last I checked every distro had a different declarative firewall rule manager.
nftables is the new underlying kernel system, and the (unfortunately named) `nft` CLI to manage it seems to be widely available.
And re: declarative, `nft -f foo` loads rules from the file named `foo`, and some distros like Debian define an nftables service that will use this to load `/etc/nftables.conf` etc.

Or if you want to use firewalld you can configure it to use its nftables backend.