4. nftables: The Linux Firewall Administration Program

Chapter 3, “iptables: The Legacy Linux Firewall Administration Program,” examined iptables, the longtime administration program for Linux firewalls. The syntax and many of the options within iptables were covered there. This chapter examines the new Netfilter Tables (nftables) program. The nftables program became available as part of the mainline Linux kernel beginning with version 3.13.

Differences between iptables and nftables

Within the kernel, nftables represents a significant departure from the iptables system of filtering. nftables replaces the functionality in not only iptables but also ip6tables for IPv6, arptables for ARP filtering, and ebtables for Ethernet bridge filtering. The ...
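As an added illustration of that consolidation (this is example code written for this page, not a listing from the book), the shell function below writes a minimal host-firewall ruleset in the `inet` family, where a single table and chain cover both IPv4 and IPv6 traffic that iptables and ip6tables would each have needed their own copy of. The management-network addresses are documentation-range placeholders, the output path is an assumption, and the optional syntax check uses `nft -c -f`, which parses the file without loading it into the kernel.

```shell
#!/bin/sh
# Added example, not part of the book: one nftables "inet" table replaces
# the parallel iptables (IPv4) and ip6tables (IPv6) rulesets.

# Print a minimal default-deny input policy to stdout.
write_ruleset() {
cat <<'EOF'
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # loopback and flows the connection tracker already knows
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop

        # ICMP and ICMPv6 are needed for path MTU and neighbour discovery
        ip protocol icmp accept
        ip6 nexthdr icmpv6 accept

        # SSH only from the management network (placeholder prefixes, RFC 5737/3849)
        ip saddr 192.0.2.0/24 tcp dport 22 accept
        ip6 saddr 2001:db8::/32 tcp dport 22 accept

        # count and log whatever reaches the end of the chain before dropping it
        counter log prefix "nft-input-drop: " drop
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
    }
    chain output {
        type filter hook output priority 0; policy accept;
    }
}
EOF
}

# Write the ruleset to a file (assumed default path) and, when nft is
# installed and we are root, syntax-check it with -c without applying it.
check_ruleset() {
    file="${1:-/tmp/firewall.nft}"
    write_ruleset > "$file"
    if command -v nft >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
        nft -c -f "$file"          # -c: check only, nothing is loaded
    else
        echo "nft unavailable or not root; skipping syntax check of $file" >&2
        return 0
    fi
}
```

Once the check passes, `nft -f /tmp/firewall.nft` (as root) loads the whole ruleset atomically; unlike a sequence of iptables commands, either every rule in the file is applied or none is, so a typo part-way through never leaves the host half-configured.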

From Linux® Firewalls: Enhancing Security with nftables and Beyond, Fourth Edition (O’Reilly).