The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Firewalls play a pivotal part in securing a hypervisor and its guests from internal and external threats. In this talk I want to show how to utilize nftables for creating complex rulesets in a virtualized Linux network environment.
This talk will start with a short introduction to nftables and Linux network virtualization. I will then dive deeper by showing how to create complex rulesets efficiently by utilizing the built-in nftables data structures. Furthermore, I will show how zone-based firewalling can be implemented by leveraging the nftables bridge family, with a focus on virtualized network environments common in hypervisors. To finish off, I will talk about how to use Rust for interfacing with nftables via JSON by using the provided nftables-json schema to programmatically create firewall rules.
Stefan has been passionate about Linux since he first started using it in his teenage years. He has worked as a software engineer at Proxmox since 2022 with a focus on the networking stack.