Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs

Partner Sites
JustLinux.com
Linux Planet
PHPBuilder
Technology Jobs

Top White Papers

Current Newswire:

More on LinuxToday

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume

First release of nftables

Mar 20, 2009, 13:02 (0 Talkback[s])
(Other stories by Patrick McHardy)

"There are three main components:

- the kernel implementation
- libnl netlink communication
- nftables userspace frontend

"The kernel provides a netlink configuration interface, as well as runtime ruleset evaluation using a small classification language interpreter. libnl contains the low-level functions for communicating with the kernel, the nftables frontend is what the user interacts with.

"Kernel
------

"The first major difference is that there's no one-to-one relation of matches and targets available to the user and those implemented in the kernel anymore. The kernel provides some generic parameterizable operations, like loading data from a packet, comparing data with other data etc. Userspace combines the individual operations appropriately to get the desired semantic."

Complete Story

Related Stories: