# update-alternatives -set ip6tables /usr/sbin/ip6tables-nft The default starting with Debian 10 Buster: # update-alternatives -set iptables /usr/sbin/iptables-nft You can switch back and forth between iptables-nft and iptables-legacy by means of update-alternatives (same applies to arptables and ebtables). This also affects ip6tables, arptables and ebtables. Starting with Debian 10 Buster, nf_tables is the default backend when using iptables, by means of the iptables-nft layer (i.e, using iptables syntax with the nf_tables kernel subsystem). NOTE: the nftables framework is used by default in Debian since Debian 10 Buster. Fortunately, there are many configuration tools (wizards) available to assist, and the most interesting is probably firewalld but others include fwbuilder, bastille, ferm, ufw and opensnitch.
Two of the most common uses of iptables is to provide firewall support and NAT.Ĭonfiguring iptables manually is challenging for the uninitiated. Iptables provides packet filtering, network address translation (NAT) and other packet mangling.
NOTE: iptables was replaced by nftables starting in Debian 10 Buster
Translation(s): English - Italiano- Español
0 kommentar(er)
