mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-22 02:43:02 +00:00
Create nftables_iptables_ufw_firewalld.md
This commit is contained in:
parent
85112d6127
commit
efa7aecd56
1 changed files with 21 additions and 0 deletions
21
linux-hardening/nftables_iptables_ufw_firewalld.md
Normal file
21
linux-hardening/nftables_iptables_ufw_firewalld.md
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# iptables, nftables, UFW, and firewalld
|
||||||
|
The following is comparison table highlighting the features and characteristics of iptables, nftables, UFW (Uncomplicated Firewall), and firewalld:
|
||||||
|
|
||||||
|
| Feature | iptables | nftables | UFW | firewalld |
|
||||||
|
|--------------------|------------------------------------------------|-----------------------------------------------|----------------------------------------------------|----------------------------------------------------|
|
||||||
|
| Framework | Legacy framework | Modern framework | User-friendly wrapper for iptables | Dynamic firewall management tool |
|
||||||
|
| Syntax | Complex syntax | Simplified syntax | Simplified syntax | XML-based configuration files |
|
||||||
|
| Rule Evaluation | Top-down order | Ordered by priority | Top-down order | Dynamic and transaction-based |
|
||||||
|
| Protocol Support | IPv4 and IPv6 | IPv4 and IPv6 | IPv4 and IPv6 | IPv4 and IPv6 |
|
||||||
|
| Rule Matching | Basic matching options | Extended matching options | Basic matching options | Extended matching options |
|
||||||
|
| Performance | Good | Better performance than iptables | Good | Good |
|
||||||
|
| Network Address Translation (NAT) | Yes | Yes | Yes | Yes |
|
||||||
|
| Connection Tracking| Yes | Yes | No | Yes |
|
||||||
|
| Integration | Compatible with nftables (with compatibility modules) | Replaced iptables and ip6tables | N/A | Replaced iptables |
|
||||||
|
| User Interface | Command-line interface (CLI) | Command-line interface (CLI) | Command-line interface (CLI) and graphical interface | Command-line interface (CLI) and graphical interface |
|
||||||
|
| Firewall Zones | N/A | N/A | N/A | Yes |
|
||||||
|
| Easy Configuration | Requires detailed rule configuration | Simplified rule configuration | Simplified rule configuration | Simplified rule configuration |
|
||||||
|
| Default on Distro | Most Linux distributions | Some Linux distributions | Ubuntu, Debian, and their derivatives | CentOS, Fedora, RHEL, and their derivatives |
|
||||||
|
|
||||||
|
This table provides a general overview of the features and characteristics of each firewall tool, and the specific details may vary based on the Linux distribution, version, and configuration.
|
||||||
|
|
Loading…
Reference in a new issue