please add SSH trottling recipe for nftables #322
Comments
|
As far as I know, the guides are already optimized to give admins an
easy time. If I found a platform that only included nftables, then I'd
switch to that instead of requiring the installation of iptables. So
far, though, all the supported platforms are still shipping iptables by
default.
|
|
Debian has shipped nftables by default for 3 releases already. Conversely iptables has been an optional package since then. |
|
Ahh, ok. I see that the guide for Debian 12 has the user install
iptables. I suppose that one can be updated to use nftables.
Note that the guide for Rocky Linux 9 uses the pre-installed "firewall-
cmd" tool, and Ubuntu still ships with iptables by default. So it
looks like only the Debian and perhaps Amazon Linux 2023 guides can be
updated.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be desirable for the hardening guide to include an nftables recipe to accomplish SSH trottling. Many distributions have replaced iptables with nftables as their default.
The text was updated successfully, but these errors were encountered: