Original post on burningboard.net

You just provisioned a fresh Linux server. Within minutes, the SSH brute-force bots will arrive.

There are too many ways to build a firewall in Linux. I wrote a practical guide to the four major tools: iptables, nftables, firewalld, and ufw, including their mental models and deployable configs […]

📰 CISA: Celah Berbahaya di Linux Kini Dieksploitasi oleh Geng Ransomware

👉 Baca artikel lengkap di sini: ahmandonk.com/2025/11/01/linux-kernel-...

#cisa #cve-2024-1086 #kernel #linux #netfilter #privilege #escalation #ransomware

#nftables has some peculiarities in its syntax.

One of my "favorites" is the fact that you can't define an empty set while using `elements` keyword and contents literal.

For example, let's create a table: `nft add table test_tbl`.

Now we can add a set...

#linux #netfilter #firewall

1/

netfilter/iptables project homepage - The netfilter.org "nftables" project

#nftables 1.1.3 has been released ( #Netfilter / #libnftables / #libnftnl / #iptables / #ip6tables / #arptables / #ebtables / #PacketFilter / #Firewall ) netfilter.org/projects/nft...

netfilter/iptables project homepage - The netfilter.org "libnftnl" project

#libnftnl 1.2.9 has been released ( #Netfilter / #nftables / #libmnl ) netfilter.org/projects/lib...

Netfilter | The Backbone of Linux Packet Filtering 🚀🔥💡 Discover how Netfilter supports Linux's network security with packet filtering & NAT

Discover how Netfilter supports Linux's network security with packet filtering & NAT
#Linux #netfilter

Pablo Neira Ayuso will give us a summary of Netfilter updates since last @netdevconf at the @netfilter Workshop #netfilter #netdevconf

💔Breaking the Misrepresentation | Netfilter as a Powerful On-Prem Firewall Solution💪 Why Netfilter is a Strong Competitor to High-Cost Proprietary Firewalls in Network Security

Why Netfilter is a Strong Competitor to High-Cost Proprietary Firewalls in Network Security
#Linux #Netfilter #Firewalls #NetworkSecurity

the geoip match howto

It's over 15 yeas ago when #geoip #netfilter / #iptables module for the #linux kernel was released and the term racist firewalling got born. #AWS recently released the same feature for AWS firewall, @jimmydahlqvist.bsky.social @wumingzhang.bsky.social plz add the term to the AWS #sec exam q's ;-)

netfilter/iptables project homepage - The netfilter.org "nftables" project

#nftables 1.1.1 has been released ( #Netfilter / #libnftables / #libnftnl / #iptables / #ip6tables / #arptables / #ebtables / #PacketFilter / #Firewall ) netfilter.org/projects/nft...

netfilter/iptables project homepage - The netfilter.org "libnftnl" project

#libnftnl 1.2.8 has been released ( #Netfilter / #nftables / #libmnl ) netfilter.org/projects/lib...

netfilter/iptables project homepage - The netfilter.org "nftables" project

#nftables 1.1.0 has been released ( #Netfilter / #libnftables / #libnftnl / #iptables / #ip6tables / #arptables / #ebtables / #PacketFilter / #Firewall ) netfilter.org/projects/nft...

netfilter/iptables project homepage - The netfilter.org "libnftnl" project

#libnftnl 1.2.7 has been released ( #Netfilter / #nftables / #libmnl ) netfilter.org/projects/lib...

Due to frequent DDoS attacks, we're enforcing stricter limits on the number of connections to our servers. By default, each server enforces a limit of 16 or 32 TCP connections from each IPv4 address and IPv6 /64 block. During persistent attacks, these limits will be adjusted.

#netfilter #nftables