From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:45389)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fzcYo-0001lj-OJ
	for guix-patches@gnu.org; Tue, 11 Sep 2018 02:54:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fzcYk-0000l0-Kv
	for guix-patches@gnu.org; Tue, 11 Sep 2018 02:54:06 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:60038)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1fzcYk-0000ku-Gs
	for guix-patches@gnu.org; Tue, 11 Sep 2018 02:54:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fzcYk-0001ve-9W
	for guix-patches@gnu.org; Tue, 11 Sep 2018 02:54:02 -0400
Subject: [bug#32465] Add iptables service
Resent-Message-ID: <handler.32465.B32465.15366488137364@debbugs.gnu.org>
Date: Tue, 11 Sep 2018 08:53:29 +0200
From: =?UTF-8?Q?Bj=C3=B6rn_?= =?UTF-8?Q?H=C3=B6fling?=
	<bjoern.hoefling@bjoernhoefling.de>
Message-ID: <20180911085329.2c625c63@alma-ubu>
In-Reply-To: <cu7tvnt6xss.fsf@systemreboot.net>
References: <cu7tvnt6xss.fsf@systemreboot.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	boundary="Sig_/1MuC1Cnsys=pTlKDuTQHBb4";
	protocol="application/pgp-signature"
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Arun Isaac <arunisaac@systemreboot.net>
Cc: 32465@debbugs.gnu.org, Rutger Helling <rhelling@mykolab.com>

--Sig_/1MuC1Cnsys=pTlKDuTQHBb4
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Fri, 17 Aug 2018 16:54:19 +0530
Arun Isaac <arunisaac@systemreboot.net> wrote:

> After we have iterated a few times, and converged on the final patch
> for this service, I will also contribute a similar service for
> ip6tables.


Hi Arun,

thanks for the patch. I have one little comment:

During holidays I read an article about nftables:

https://netfilter.org/projects/nftables/
https://wiki.archlinux.org/index.php/nftables

It aims to be the successor for iptables and is ipv4, ipv6 and others
in one tool/ruleset.

I have no knowledge about the firewall tools, I have no idea of how
mature or accepted that is, I just thought it might be worth
considering instead of writing 3 services.

We already have the userspace package 'nftables' and 'libnftnl' thanks
to Rutger Helling. Maybe he knows more? I put him on CC.

Bj=C3=B6rn


--Sig_/1MuC1Cnsys=pTlKDuTQHBb4
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAluXZmoACgkQvyhstlk+X/2BLQCdH6BunswADpSGEEsQXw0GENYN
ujoAnjlzrrra3ZqfCGhyfUPw2RrFQrbv
=HVOq
-----END PGP SIGNATURE-----

--Sig_/1MuC1Cnsys=pTlKDuTQHBb4--