[PATCH] wg-quick: linux: add support for nft and prefer it
Jason A. Donenfeld
Jason at zx2c4.com
Tue Dec 10 23:09:14 CET 2019
On Tue, Dec 10, 2019 at 11:03 PM Vasili Pupkin <diggest at gmail.com> wrote:
> As far as I know both of them are maintained in the same repository and
> both use the same userspace library to interact with the kernel and down
> there all the rules are translated into BPF code which in turn is
> compiled into machine code by kernel BPF JIT compiler.
"bpfilter" is a WIP, but that's not today how iptables or nftables
work, at all. I'm not sure your statement about userspace is entirely
correct either.
More information about the WireGuard
mailing list