Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://social.glitched.systems/notes/9xilhbizw5a60uud">CyberFrog (froge@social.glitched.systems)'s status on Thursday, 29-Aug-2024 17:39:25 JST</a><a href="https://social.glitched.systems/@froge" title="froge@social.glitched.systems"><img src="https://gnusocial.jp/avatar/275421-48-20240809084426.webp" width="48" height="48" alt="CyberFrog" style="position: absolute; left: 0; top: 0;">CyberFrog</a><div><a href="https://infosec.exchange/@ryanc/113044382715200923" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@ryanc">@ryanc@infosec.exchange</a> I learned something cursed when researching the transition of these things, which is that the linux kernel can load both iptables and nftables rules at the same time, on the same machine, and nftables rules take precedence but fall back to iptables afterwards<br><br>imagine trying to debug a system that you thought was using iptables but actually has a secret nftables rule inserted before iptables even sees the packet.. all the iptables rules would be totally correct, because the filtering happens earlier on 🙃</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3583441#notice-7030886">In conversation</a><time datetime="2024-08-29T17:39:25+09:00" title="Thursday, 29-Aug-2024 17:39:25 JST">about 9 months ago</time> <span>from <span><a href="https://social.glitched.systems/notes/9xilhbizw5a60uud" rel="external" title="Sent from social.glitched.systems via ActivityPub">social.glitched.systems</a></span></span><a href="https://social.glitched.systems/notes/9xilhbizw5a60uud">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
CyberFrog (froge@social.glitched.systems)'s status on Thursday, 29-Aug-2024 17:39:25 JSTCyberFrog
in reply to
- Ryan Castellucci :nonbinary_flag:
@ryanc@infosec.exchange I learned something cursed when researching the transition of these things, which is that the linux kernel can load both iptables and nftables rules at the same time, on the same machine, and nftables rules take precedence but fall back to iptables afterwards

imagine trying to debug a system that you thought was using iptables but actually has a secret nftables rule inserted before iptables even sees the packet.. all the iptables rules would be totally correct, because the filtering happens earlier on 🙃
In conversationabout 9 months ago from social.glitched.systemspermalink

Public

Embed Notice

HTML Code

Corresponding Notice