As i understand most linux distros use NFTables now.
I have noticed some information about Debian (which is base for Ubuntu and Mint) using NFTables now. And Debian wiki says
So i wonder now, should i at first install and enable ntfstables and only after that to enable (g)ufw? It seems logical, but i also have read in ArchWiki that"nftables in Debian the easy way If you want to enable a default firewall in Debian, follow these steps...
# aptitude install nftables
# systemctl enable nftables.service"
I guess that this rule can also be applied to NFTables..? And on Arch Reddit we can read:"Start and enable ufw.service to make it available at boot. Note that this will not work if iptables.service is also enabled (and same for its ipv6 counterpart)".
So, in short i have following questions:"UFW, being a frontend wrapper, will require the nftables package to be installed and the [strikeout]service to be enabled/started[/strikeout]. Simply, it will use IPTables or NFTables depending on which is configured and in use. Edit: Only UFW service need be enabled to avoid conflict
1) should i install NFTables?
2) Should i enable it as a service (and configure)?
3) Or just using GUFW is enough? Because it somehow automatically uses NFTables?
4) Do you really need a firewall on Linux? Because i read that it is already placed in kernel.
5) What does it mean "Deny incoming"? It filters all incoming traffic or what?