There are two sets of modules in linux netfilter framework.
One with nf prefix (e.g. nf_tables), another with xt prefix (e.g. xt_ecn).
What is the difference between two of them?
Asked
Active
Viewed 1,461 times
1
HBruijn
- 77,029
- 24
- 135
- 201
user762750
- 181
- 1
- 10
1 Answers
0
The upstream Linux kernel firewall / packet filtering project is https://www.netfilter.org and most of the core modules supplied by that project have been named (and/or renamed) to include nf prefix.
Since the project provides among others both iptables and nftables they also use the Xtables collective name for the IPv4, IPv6, arp and eb toolsets.
That has resulted in selecting module names with the xt prefix.
Xtables-addons contains extensions that were not, or are not yet, accepted in the main kernel/iptables packages. Those also use the xt prefix.
HBruijn
- 77,029
- 24
- 135
- 201
-
1The xtables-addons are not the only kernel modules that begin with `xt`. It might be better to say that those _also_ use the `xt` prefix. – Michael Hampton Jun 17 '19 at 08:00