Re: [qubes-users] nftables vs iptables

2018-10-10 Thread Chris Laprise
On 10/10/2018 01:47 PM, David Hobach wrote: On 10/10/18 3:33 PM, unman wrote: On Wed, Oct 10, 2018 at 03:17:47PM +0200, Illidan Pornrage wrote: On 10/10/18 3:14 PM, unman wrote: On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread David Hobach
On 10/10/18 3:33 PM, unman wrote: On Wed, Oct 10, 2018 at 03:17:47PM +0200, Illidan Pornrage wrote: On 10/10/18 3:14 PM, unman wrote: On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM,

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread Ivan Mitev
On 10/10/18 4:14 PM, unman wrote: On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote:

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread unman
On Wed, Oct 10, 2018 at 03:17:47PM +0200, Illidan Pornrage wrote: > On 10/10/18 3:14 PM, unman wrote: > > On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: > > > > > > > > > On 10/9/18 7:44 PM, mfreemon wrote: > > > > On 10/8/18 10:56 AM, mfreemon wrote: > > > > > On 10/2/18 2:25 AM,

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread Illidan Pornrage
On 10/10/18 3:14 PM, unman wrote: On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread Illidan Pornrage
On 10/9/18 8:18 PM, Ivan Mitev wrote: On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote:   > On 01/10/2018

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread unman
On Tue, Oct 09, 2018 at 09:18:22PM +0300, Ivan Mitev wrote: > > > On 10/9/18 7:44 PM, mfreemon wrote: > > On 10/8/18 10:56 AM, mfreemon wrote: > > > On 10/2/18 2:25 AM, Ivan Mitev wrote: > > > > On 10/2/18 1:32 AM, Chris Laprise wrote: > > > > > On 10/01/2018 05:48 PM, mfreemon wrote: > > > > >

Re: [qubes-users] nftables vs iptables

2018-10-10 Thread 'floasretch' via qubes-users
On Monday, October 1, 2018 4:32 PM, Chris Laprise wrote: > I've submitted qubes-tunnel to Qubes with iptables commands only, with > the intention to transition to nftables (or that other new interface in > Linux, name escapes me just now) for Qubes 4.1. I guess you mean BPF (Berkeley Packet

Re: [qubes-users] nftables vs iptables

2018-10-09 Thread Ivan Mitev
On 10/9/18 7:44 PM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote:   > On 01/10/2018 03:47 PM, Connor Page wrote:   >> The

Re: [qubes-users] nftables vs iptables

2018-10-09 Thread mfreemon
On 10/9/18 11:44 AM, mfreemon wrote: On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote:   > On 01/10/2018 03:47 PM, Connor Page wrote:   >> The

Re: [qubes-users] nftables vs iptables

2018-10-09 Thread mfreemon
On 10/8/18 10:56 AM, mfreemon wrote: On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote:   > On 01/10/2018 03:47 PM, Connor Page wrote:   >> The official templates use nftables so

Re: [qubes-users] nftables vs iptables

2018-10-08 Thread mfreemon
On 10/2/18 2:25 AM, Ivan Mitev wrote: On 10/2/18 1:32 AM, Chris Laprise wrote: On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote:  > On 01/10/2018 03:47 PM, Connor Page wrote:  >> The official templates use nftables so shouldn’t be mixed with iptables. I didn’t

Re: [qubes-users] nftables vs iptables

2018-10-02 Thread Zrubi
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/1/18 11:48 PM, mfreemon wrote: > What is the best practice recommendation on this (for R4, Fedora > 28 template)? Are we to be using, exclusively, nftables in R4? The intended benefit was that in case of nftables qubes firewall not needed to

Re: [qubes-users] nftables vs iptables

2018-10-02 Thread Ivan Mitev
On 10/2/18 1:32 AM, Chris Laprise wrote: > On 10/01/2018 05:48 PM, mfreemon wrote: >> On 1/11/18 3:01 PM, Chris Laprise wrote: >>  > On 01/10/2018 03:47 PM, Connor Page wrote: >>  >> The official templates use nftables so shouldn’t be mixed with >> iptables. I didn’t have time to learn about

Re: [qubes-users] nftables vs iptables

2018-10-01 Thread Chris Laprise
On 10/01/2018 05:48 PM, mfreemon wrote: On 1/11/18 3:01 PM, Chris Laprise wrote: > On 01/10/2018 03:47 PM, Connor Page wrote: >> The official templates use nftables so shouldn’t be mixed with iptables. I didn’t have time to learn about nftables, so just removed nftables package from debian 9

[qubes-users] nftables vs iptables

2018-10-01 Thread mfreemon
On 1/11/18 3:01 PM, Chris Laprise wrote: > On 01/10/2018 03:47 PM, Connor Page wrote: >> The official templates use nftables so shouldn’t be mixed with iptables. I didn’t have time to learn about nftables, so just removed nftables package from debian 9 template. YMMV. >> > > Hmmm, I was just