X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;ds=sidebyside;f=index.html;h=2a4f38d74627a3a35d110796471338204251e8c2;hb=4f955d79c15ba448955d1861edb0cb848dafdf08;hp=3a07e304378b0f083bda86cb49c01305dded7289;hpb=a4c76f99af3d219fdcd4c146998230e2b05b394f;p=kernel-news-talk.git

diff --git a/index.html b/index.html
index 3a07e30..2a4f38d 100644
--- a/index.html
+++ b/index.html
@@ -276,6 +276,35 @@
   </ul>
 </div>
 
+<div class="slide">
+  <h1>nftables [3.13]</h1>
+  <ul class="incremental">
+    <li>
+      Linux has several firewall APIs - iptables, ip6tables, arptables
+      and ebtables
+    </li>
+    <li>
+      All require a specific kernel module for each type of match
+      and each possible action
+    </li>
+    <li>
+      Userland could only use the four protocol-specific APIs,
+      although the internal netfilter API is more flexible
+    </li>
+    <li>
+      nftables exposes more of this flexibility, allowing userland
+      to provide firewall code for a specialised VM (similar to BPF)
+    </li>
+    <li>
+      nftables userland tool uses this API and is already packaged
+    </li>
+    <li>
+      Eventually, the old APIs will be removed and the old userland
+      tools must be ported to use nftables
+    </li>
+  </ul>
+</div>
+
 <div class="slide">
   <h1>Questions?</h1>
 </div>