[H-GEN] LWN: 'Nftables: a new packet filtering engine'
Benjamin Fowler
ben.fowler.bjf at gmail.com
Sat Oct 19 21:25:36 EDT 2013
Hello all,
Spotted this on Slashdot today.
http://lwn.net/Articles/324989/
The idea of implementing a virtual machine in the kernel to handle firewall
rules (and a new rule language and a compiler to translate the rules)
strikes me as slight overkill.
What do people think?
Cheers, Ben.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20131020/e9329fee/attachment.html>
More information about the General
mailing list