Hi,
iptables has never been part of LPIC1, it's on LPIC2. IMHO firewalling is clearly a LPIC2 topic (as well as 303, where also nftables is shown). Regards! Kenneth A 2017-12-12 12:10, Alex Clemente escrigué: > HI All, > > iptables is need for setup Cluster Active/Active with Pacemaker + Corosync > (LPIC-3-304). > > Cluster cluster reply one "bucket request", is created by iptables on > "CLUSTERIP". > > If LPIC-3-304, used iptables, what remove iptables from LPIC-1 ? > > 2017-12-11 21:17 GMT-02:00 Bryan Smith <[email protected]>: > >> On Mon, Dec 11, 2017 at 5:28 PM, Kenneth Peiruza <[email protected]> wrote: >>> zero? >>> >>> On Sergio Belkin <[email protected]>, Dec 11, 2017 16:31 wrote: >>> 2017-12-10 11:55 GMT-03:00 Simone Piccardi <[email protected]>: >>>> Il 09/12/2017 23:31, Sergio Belkin ha scritto: >>>>> * Basic configuration of iptables >>>> >>>> iptables are deprecated too, for nftables, also if for the moment the >>>> switch is almost everywhere postponed. >>>> >>>> But more than this, what dose "basic" means here, and how it is meant to >>>> be teached and learned without the knowledge of the netfilter >>>> architecture (that does not seems a basic argument, at least to me). >> >> IPTables won't be deprecated for some time. >> >> The NetFilter code of the kernel is little changed for the nftables >> front-end, just greatly simplified from an ABI/API standpoint. This >> brings in a new userspace command, "nft", along with a not-quite-100% >> backwards compatible "ip[6]tables" (e.g., ebtables, arptbales, >> etc...), but "close enough." So it'll be some time before any program >> can deprecate it from its objectives. >> >> This is very akin to what the NetworkManager and its "nmcli" command >> has attempted to do for the Network configuration subsystem, including >> being compatible with the iproute2 commands. People are still going >> to use the direct "ip" commands. In fact, it's not a surprise the >> "nft" has a very "nmcli" like syntax either, which is also similar to >> positional parameter "ip" command too. >> >> Beyond that ... >> >> Akin to NetworkManager, firewalld is working on a drop-in replacement >> for "nftables", including providing the D-Bus support just like for >> "iptables." So it's a separate consideration, just like "iptables" is >> to firewalld. >> >> As always, I would recommend we focus on the commands that all >> sysadmins may run into -- first and foremost -- and then consider >> other objectives from there. E.g., "ip" commands and "iptables" >> commands, before more complex solutions. >> >> - bjs >> >> -- >> Bryan J Smith - http://www.linkedin.com/in/bjsmith [1] >> E-mail: b.j.smith at ieee.org [2] or me at bjsmith.me [3] >> >> _______________________________________________ >> lpi-examdev mailing list >> [email protected] >> http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev [4] > > -- > > -- > Alex Clemente > [email protected] > [email protected] > Analista Linux, Unix, Virtualização e Middleware > Instrutor Linux e Open Source > ----------------------------- > AWS Technical Professional > Azure Datacenter in Cloud Platform for Technical > CompTIA Linux+ Powered by LPI > SUSE 11 Certified Linux Administrator > SUSE 11 Technical Specialist > LPIC-1 Certified Linux Administrator > LPIC-2 Certified Linux Engineer > > _______________________________________________ > lpi-examdev mailing list > [email protected] > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev [4] Links: ------ [1] http://www.linkedin.com/in/bjsmith [2] http://ieee.org [3] http://bjsmith.me [4] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
_______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
