Pending nft translations

I’ve compiled a rush list of pending nft translations to work on them this week. Hope to send a lot of patches along this week in order to solve many of them. Refer to the netfilter devel distribution list!

libebt_802_3.c XLATE_PENDING
libebt_ip.c XLATE_PENDING
libebt_limit.c XLATE_PENDING
libebt_log.c XLATE_PENDING
libebt_mark.c XLATE_PENDING
libebt_mark_m.c XLATE_PENDING
libebt_nflog.c XLATE_PENDING
libip6t_DNPT.c XLATE_PENDING
libip6t_dst.c XLATE_PENDING
libip6t_eui64.c XLATE_PENDING
libip6t_frag.c XLATE_PENDING
libip6t_hbh.c XLATE_PENDING
libip6t_HL.c XLATE_PENDING
libip6t_ipv6header.c XLATE_PENDING
libip6t_NETMAP.c XLATE_PENDING
libip6t_SNPT.c XLATE_PENDING
libipt_CLUSTERIP.c XLATE_PENDING
libipt_ECN.c XLATE_PENDING
libipt_NETMAP.c XLATE_PENDING
libipt_TTL.c XLATE_PENDING
libipt_ULOG.c XLATE_PENDING
libxt_addrtype.c XLATE_PENDING
libxt_AUDIT.c XLATE_PENDING
libxt_bpf.c XLATE_PENDING
libxt_cgroup.c XLATE_PENDING
libxt_CHECKSUM.c XLATE_PENDING
libxt_CLASSIFY.c XLATE_PENDING
libxt_cluster.c XLATE_PENDING
libxt_connbytes.c XLATE_PENDING
libxt_connlabel.c XLATE_PENDING
libxt_connlimit.c XLATE_PENDING
libxt_CONNMARK.c XLATE_PENDING
libxt_CONNSECMARK.c XLATE_PENDING
libxt_CT.c XLATE_PENDING
libxt_dscp.c XLATE_PENDING
libxt_DSCP.c XLATE_PENDING
libxt_ecn.c XLATE_PENDING
libxt_hashlimit.c XLATE_PENDING
libxt_HMARK.c XLATE_PENDING
libxt_IDLETIMER.c XLATE_PENDING
libxt_ipcomp.c XLATE_PENDING
libxt_ipvs.c XLATE_PENDING
libxt_LED.c XLATE_PENDING
libxt_mangle.c XLATE_PENDING
libxt_MARK.c XLATE_PENDING
libxt_multiport.c XLATE_PENDING
libxt_nfacct.c XLATE_PENDING
libxt_osf.c XLATE_PENDING
libxt_physdev.c XLATE_PENDING
libxt_policy.c XLATE_PENDING
libxt_quota.c XLATE_PENDING
libxt_rateest.c XLATE_PENDING
libxt_RATEEST.c XLATE_PENDING
libxt_recent.c XLATE_PENDING
libxt_rpfilter.c XLATE_PENDING
libxt_SECMARK.c XLATE_PENDING
libxt_set.c XLATE_PENDING
libxt_SET.c XLATE_PENDING
libxt_socket.c XLATE_PENDING
libxt_standard.c XLATE_PENDING
libxt_statistic.c XLATE_PENDING
libxt_string.c XLATE_PENDING
libxt_SYNPROXY.c XLATE_PENDING
libxt_tcpmss.c XLATE_PENDING
libxt_TCPMSS.c XLATE_PENDING
libxt_TCPOPTSTRIP.c XLATE_PENDING
libxt_time.c XLATE_PENDING
libxt_tos.c XLATE_PENDING
libxt_TOS.c XLATE_PENDING
libxt_TPROXY.c XLATE_PENDING
libxt_TRACE.c XLATE_PENDING
libxt_u32.c XLATE_PENDING
Advertisements

nftables in 10 minutes

It’s difficult to find a suitable reference of nftables. Some of them are incomplete, out-of-date or partially incorrect about the syntax.

For this reason, I’ve been working this week in creating a full nftables Quick Reference (all the quick that I could, cause nftables options are huge) called nftables in 10 minutes.

The idea is to have an “all in one” about nftables. Hope it helps to everyone who is introducing to nftables.

https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes

Compiling this reference, it allowed me to learn more deeply about nftables and the powerful of such tool.

Enjoy!

Internship just started!

The internship begins and I’m going to review the roadmap I proposed.

1) 23may – 3jun: Translate from iptables to nftables. Implementation of some missing translations.
2) 4jun – 17jun: Implementation of nth extension in nftables.
3) 18jun – 9 jul: Dynamic populated maps in nftables.
4) 9jul – 17 jul: Store partial values into nft variables.
5) 18jul – 24jul: Holiday.
6) 25jul – 23aug: Monitoring daemon implementation for dynamic load
balancing.

I’m going to start the first step improving some nftables documentation in order to be published in the official wiki.