If someone doesn’t know iptables, they probably are not required to know it. You wouldn’t recommend people to learn C++03, would you?

> If someone doesn’t know iptables, they probably are not required to know it.

That makes no sense. Just because I do not know X, it does not necessarily follow that I am not required to know it, not at all. I might need it for my job, or my future job. I might need it for a Linux distribution I just installed, and so forth. Or perhaps I am already using iptables, but I do not know it.

Ahhhhhh at least an understanding that it exists and how it might interact with nft is probably beneficial unless they’re expecting to only ever work on greenfield equipment. If you were to walk into a job with existing IT infrastructure, there’s a solid chance that you’ll encounter iptables. If you’re looking to do a deep dive into something and learn it well, definitely nft is the way to go but being able to tweak iptables configs without needing to start over with a clean nft slate is valuable.

To your C++03 analogy, I wouldn’t recommend learning C++03, but I also wouldn’t recommend solely learning C++23 either. C++20 and 23 have some really cool stuff in them that can definitely make your code cleaner, but there’s a lot of codebases that are stuck on older versions (at $JOB one of our target platforms is stuck on C++17 and will never get an upgrade so we can’t move the codebase forward until we abandon that kit).

If the person in question has never had the need to know iptables, why would that change now? If a job will require such knowledge, they will pick it up. Iptables is exposed as a facade to nftables, lots of the concepts just transfer over, just that iptables is the more antiquated option.

I for instance have never really used iptables in anger, but have lots of experience with nftables and pf. I’ve used both in a professional setting. People can be made aware of iptables, but unless there’s a need to know it, I wouldn’t recommend picking it up now. And you’ll know if you need to learn c++17 or iptables, or python 2.7.

For more context, I've been working pretty closely with firewalls on all desktop platforms, and I've been doing so since 2018, and I've never had know about iptables on Linux.