[Dnsmasq-discuss] Notes on nftables and dnsmasq: Group Allow-List Application Firewall

Alain Ducharme alain_ducharme at hotmail.com
Wed Feb 23 19:01:12 UTC 2022


Hello,

I've been testing dnsmasq v2.87 for the new nftset option with apparently
good results so far.  It works quite well if you have the time and patience
to set up an allowlist firewall.

I've posted some notes (and examples) on a method to set up an allowlist
application firewall for GNU/Linux workstations using recent versions of
nftables and dnsmasq v2.87. If interested, see:

https://github.com/sta-c0000/galaf
"Group Allow-List Application Firewall"

It's not for everyone, and the examples are not usable without some setup.
A little technical, but it's not as complicated as it seems.
Too much, or not enough information, I'm not sure which it is. ;)
If nothing more, hopefully it contains some useful info for others setting up
their own firewall.

I think dnsmasq's nftset option is an important component for allowlist
firewalling.

Thank you for your efforts with dnsmasq,
Cheers,
Alain