On 7/22/2019 12:39 PM, Timo Sigurdsson wrote: > Hi, > > some of you may be aware of the new default firewall backend in Debian 10 > alias Buster, i.e. Buster defaults to nftables and all of xtables programs > (iptables, ip6tables, etc.) are merely symlinks to iptables-nft, > ip6tables-nft, etc. This means you can use the iptables syntax, but will > actually get nftables rules. As I am planning to upgrade my router machine to > Debian 10 in the near future, I was wondering whether I should take any > precautions prior or during the upgrade with regards to shorewall. I use > shorewall in a dual-stack setup with one WAN interface and several LAN-side > interfaces and zones. >
To air on the side of caution, I would test Shorewall and the desired configuration using a VM or a chroot when moving away from Iptables and report back any issues you might encounter. -Matt -- Matt Darfeuille _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
