It looks like bpfilter is in rather early stages, and it's few years until we'll see it in Debian.
Or skip nftables and use Berkeley Packet Filter (BPF)?
Sun, Dec 8
Sat, Dec 7
Thu, Dec 5
Mon, Nov 25
Sat, Nov 23
I created the issue:
Could you add to git please?
Thu, Nov 21
Not a problem anymore.
Sat, Nov 16
Nov 8 2019
Migrated remaining task to T868.
Nov 6 2019
This was done. If not, please create specific tickets where it isn't done.
Nov 4 2019
Installed. See screenshot on how to use:
Nov 3 2019
Oct 25 2019
Sitemap was broken. May be unrelated to https://github.com/WhonixBOT/whonix-wiki-html/blob/master/scrape-whonix-wiki.sh. Just a follow up issue. Not cause. In progress of fixing this.
Oct 23 2019
Oct 21 2019
Added requested NFTables example from duclicsic #netfilter freenode.
Oct 17 2019
Starting with Bullseye nftables will be the default:
Oct 15 2019
Oct 13 2019
Analysis by Cyrus cited here for completion:
Oct 10 2019
Already packaged in Debian but is currently orphaned and needs a maintainer accoridng to its ex-maintainer:
Oct 7 2019
An alternative proposal for editing ISNs without involving the kernel:
Oct 6 2019
Implemented for some time now.
Reported build failures:
When an implementation is decided, let's decide if we can include this in security-misc for use on Linux hosts and Kicksecure. We would need some way in detecting the active NIC since on wireless systems wlan0 is the interface of choice and not eth0
tc-netem is a utility that is part of the iproute2 package in Debian. It leverages functionality already built into Linux and userspace utilities to simulate networks including packet delays and loss.
Oct 5 2019
TPM hw not working. Troubleshooting thread:
Oct 4 2019
It turns out, what I said only applies to the Debian package. The kernel patch and the package are actually two different things.