by nubinetwork 1134 days ago
No ipset or iptables? Hard pass. There is literally no reason for them to get rid of something that works, and isn't full of security holes.

Edit: while nftables can replace iptables, I don't know of a replacement for ipset.


Interesting, thanks.

Why does the syntax suck? "ipset add blackhole 192.168.3.4" is far easier to remember than "nft add element ip filter blackhole { 192.168.3.4 }"

As far as I can tell, all the authors of new networking tools on Linux just loooooove Cisco's IOS. All these new commands look like they'd be perfectly at home there, and seem very alien to me on Linux.
The latter look hideous.