> If one takes the time to read up on NFTables (e.g. the articles previously linked), they would find that there is an iptables compatibility layer under development alongside this new project.
I hear there's plans at NASA for a manned return to the moon, too. Don't hold your breath. "Under development" by the core authors of nftables itself does not mean they know the iptables configuration tools well enough to write such a layer to work across the broad variety of RPM based and configuration tool managed oddities. Even the "system-config-security" tool is seriously awkward and underpowered for any complex iptables configurations. I'll be pleased, and surprised, if their nftables compatibility toolkit tool can manage even the well documented configurations and layout of system-config-security.
