Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.misc > #70461

Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use

From Mike Scott <usenet.16@scottsonline.org.uk.invalid>
Newsgroups comp.os.linux.misc
Subject Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use
Date 2025-08-06 11:38 +0100
Organization Scott family
Message-ID <106vbak$3adhl$1@dont-email.me> (permalink)
References (3 earlier) <106ul6f$35j8e$1@dont-email.me> <78GdnZIBLeXXdA_1nZ2dnZfqn_idnZ2d@giganews.com> <106v3sk$38i5i$1@dont-email.me> <106v5ce$398s7$1@dont-email.me> <106v7kg$39j0g$2@dont-email.me>

Show all headers | View raw

On 06/08/2025 10:35, Nuno Silva wrote:
> On 2025-08-06, Lawrence D'Oliveiro wrote:
> 
>> On Wed, 6 Aug 2025 09:31:16 +0100, Mike Scott wrote:
>>
>>> I'm far more used to pf on a freebsd server at home. It's
>>> (reasonably) clear to configure, and flexible to use. I had plans to
>>> switch to linux - but abandoned them purely because of the linux
>>> firewall's (to me) opacity and lack of particular needed features.
>>
>> It’s nftables on Linux now. I wonder what features you needed, that
>> presumably you were able to get on BSD, given that the Linux network stack
>> is generally considered the most advanced these days.

pf's tables - a list of ip addresses you treat within the rules as a 
group, and change on the fly as desired. (pfctl -t inboundblock -T add 
1.2.3.0/24; pfctl -t inboundblock -T show). If something similar is 
available, I certainly couldn't find it.

> 
> Is it really nftables instead of iptables now or is this one of your
> "Wayland has replaced Xorg" and "systemd has replaced all other init
> systems" moments?

There's the rub. For someone trying to get to grips with this, how does 
it help to have a plethora of alternatives, a mound of interfaces, and - 
let's face it - an awful lot of poor documentation around.

Add to that, a firewall is critical in its configuration. Other stuff, 
you can try things out and if it doesn't work, then well, just put back 
the old settings. Get the firewall wrong and the whole system becomes 
untrustable - and you can't test it without going live.
> 


-- 
Mike Scott
Harlow, England

Back to comp.os.linux.misc | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-05 08:14 +0000
  Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-05 11:22 +0200
    Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marco Moock <mm@dorfdsl.de> - 2025-08-05 11:34 +0200
  Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use jayjwa <jayjwa@atr2.ath.cx.invalid> - 2025-08-05 11:30 -0400
    Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use The Natural Philosopher <tnp@invalid.invalid> - 2025-08-05 19:56 +0100
      Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 01:06 +0000
    Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use John McCue <jmclnx@gmail.com.invalid> - 2025-08-06 01:32 +0000
      Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 04:20 +0000
        Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use c186282 <c186282@nnada.net> - 2025-08-06 01:33 -0400
          Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2025-08-06 09:31 +0100
            Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 08:56 +0000
              Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Nuno Silva <nunojsilva@invalid.invalid> - 2025-08-06 10:35 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2025-08-06 11:38 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-07 00:06 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2025-08-11 11:50 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-11 22:02 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2025-08-12 08:39 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-12 10:49 +0200
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use The Natural Philosopher <tnp@invalid.invalid> - 2025-08-12 10:54 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2025-08-12 18:47 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-12 23:36 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use "Carlos E. R." <robin_listas@es.invalid> - 2025-08-12 12:08 +0200
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use rbowman <bowman@montana.com> - 2025-08-12 19:35 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-12 23:07 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2025-08-13 09:47 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Richard Kettlewell <invalid@invalid.invalid> - 2025-08-06 14:21 +0100
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use The Natural Philosopher <tnp@invalid.invalid> - 2025-08-06 16:24 +0100
            Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use The Natural Philosopher <tnp@invalid.invalid> - 2025-08-06 10:12 +0100
          Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Anssi Saari <anssi.saari@usenet.mail.kapsi.fi> - 2025-08-07 11:43 +0300
        Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use John McCue <jmclnx@gmail.com.invalid> - 2025-08-06 11:55 +0000
      Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-06 07:40 +0200
        Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 06:31 +0000
          Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-06 11:06 +0200
            Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Richard Kettlewell <invalid@invalid.invalid> - 2025-08-06 14:25 +0100
              Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-06 17:11 +0200
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 23:59 +0000
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Marc Haber <mh+usenetspam1118@zugschl.us> - 2025-08-07 08:37 +0200
                Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-07 06:52 +0000
      Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use "Carlos E.R." <robin_listas@es.invalid> - 2025-08-06 12:46 +0200
        Re: Yes, You Need A Firewall On Linux - Here’s Why And Which To Use Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-08-06 23:56 +0000

csiph-web