Time to move to NFTables
Dec 03 2019
The time has come for us at WebMedea to move away from the iptables firewall. While the software remains actively maintained by Netfilter, I've set my eyes on the more recently developed nftables, as its rules seem easier to administer and maintain. Nftables unifies the separate utilities arptables, ebtables, iptables and ip6tables into a single one. It has a slightly different rule-writing syntax, which can greatly shorten rules, but the principles of filtering remain practically the same.
While poking around the internet for a quick-to-explain guide, I arrived (quite obviously) at the nftables wiki's 10-minute guide. It literally takes 10 minutes for anyone with previous knowledge of iptables to adapt to the new syntax with this guide.
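To make the unification and the shorter syntax concrete, here is an added example (not taken from the nftables wiki or from our production ruleset): a default-drop host firewall in a single `inet` table, with the iptables and ip6tables rules it replaces shown as comments. The open ports (22, 80, 443) are sample values chosen for illustration.

```nft
#!/usr/sbin/nft -f
# Added example; the ports are constructed sample values.
# Note: "flush ruleset" removes every existing table before loading this file.
flush ruleset

# One "inet" table filters IPv4 and IPv6 together, so the rules below
# do not have to be written once for iptables and again for ip6tables.
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # iptables + ip6tables:
        #   -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
        #   -A INPUT -m conntrack --ctstate INVALID -j DROP
        ct state established,related accept
        ct state invalid drop

        # iptables + ip6tables: -A INPUT -i lo -j ACCEPT
        iif "lo" accept

        # iptables:  -A INPUT -p icmp -j ACCEPT
        # ip6tables: -A INPUT -p ipv6-icmp -j ACCEPT
        # With a drop policy, ICMPv6 must stay open or IPv6 neighbor
        # discovery stops working.
        meta l4proto { icmp, ipv6-icmp } accept

        # iptables + ip6tables, one rule per port and per tool:
        #   -A INPUT -p tcp --dport 22  -j ACCEPT
        #   -A INPUT -p tcp --dport 80  -j ACCEPT
        #   -A INPUT -p tcp --dport 443 -j ACCEPT
        # An anonymous set collapses all six into a single rule.
        tcp dport { 22, 80, 443 } accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```

Running `nft -c -f` on the file checks the syntax without applying anything, which is worth doing before loading a default-drop ruleset over a remote session.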