nftables, ip[6]tables and network namespaces

Pavel Volkov
I have 2 questions about the new nftables in kernel 3.13.

1. Are network namespaces not yet supported in nftables? When I load a set of
rules in another namespace with nftables, it affects the default namespace
instead.
The same thing worked perfectly with iptables/ip6tables.

2. What takes priority, nftables or iptables? If there's a rule match in one
implementation, will the other be processed?