Use of NFTables instead of IPTables (Step 18: configure firewall)

Question

Use of NFTables instead of IPTables (Step 18: configure firewall)

gspannu opened this issue 2 years ago · comments

gspannu commented 2 years ago

Guide

How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS

Summary

I am trying to avoid using IPTables and have switched over to nftables.

Could you provide the equivalent nftables commands (along with the iptables) for Step 18.

I have tried using the auto-translate feature of nftables to convert the iptables commands to nftables syntax... but it does not translate all the commands.

Thanks..

Sun Knudsen · Answer 1 · Wed Aug 10 2022 18:41:19 GMT+0800 (China Standard Time)

Hey @gspannu, I agree one should use nftables (most other guides do) but if I remember my previous attempts correctly, it isn’t straightforward in the context of specific ruleset.

Guide has been deprecated given I am no longer using it myself… that said, open to peer reviewed pull request if you know how to switch firewall to nftables.