published Classical tools for managing the package filter Iptables 1.8.8 , the development of which has recently been concentrated on components to maintain reverse compatibility-iPtables-NFT and EBTABLES-NFT providing utilities with the same command line syntax as in IPTables and Ebtables, but broadcast the obtained rules into the nf_table bytcode. The original set of IPTABles programs, including IP6Tables, Arptables and Ebtables, was transferred to the category of obsolete in 2018 and has already been replaced by NFTables in most distributions.
in the new version:
- In the IPTables-Translate utility, which converts the IPTables rules to the NFTables rules, support for Connlimit and TCPMSS expressions, SCTP and Multiport have the possibility of using —Chunk-types and —ports ”.
- Simplified the transfer to the NFTABES Rules ConneTrack blocks and options “–tcp-flags”.
- Libxtables is prohibited from calling from executable files with flag Setuid.
- In the IPTables-NFT utility, the built-in chains are allowed.
- Iptables-NFT added a parser rule from the Arptables-NFT utility.
- In the Arptables-NFT utility, support for commands -c ‘and’ -s’ commands is added, the rules for command -I and ‘-r’ are implemented, and support for the syntax of meters’ -c n, m ‘.
- In the *NAT tables, support for indicating several IPV4 addresses at once.
- Implemented the possibility of turning on the debuging output in the IPTables-Restore, Iptables-NFT and EBTables-NFT through the repeated indication of the ‘-v’.
- Iptables-Save and Iptables-Restore.
utilities are increased.
/Media reports.