Allows configuration of tables, chains and rules provided by the Linux kernel firewall.
Nftables replaces iptables.
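View the current ruleset:
sudo nft list ruleset

Add a new table with family inet and name filter:
sudo nft add table {inet} {filter}

Add a base chain that hooks incoming packets, with a default policy of accept:
sudo nft add chain {inet} {filter} {input} \{ type {filter} hook {input} priority {0} \; policy {accept} \}

Add a rule that accepts traffic to several TCP ports:
sudo nft add rule {inet} {filter} {input} {tcp} {dport \{ telnet, ssh, http, https \} accept}

Add a NAT rule that masquerades traffic from the 192.168.0.0/24 subnet behind the host's outgoing address (the nat table and postrouting chain must already exist):
sudo nft add rule {nat} {postrouting} ip saddr {192.168.0.0/24} {masquerade}

List a chain with rule handles and numeric output:
sudo nft --handle --numeric list chain {family} {table} {chain}

Delete a rule by its handle:
sudo nft delete rule {inet} {filter} {input} handle {3}

Save the current ruleset to a file (written through sudo tee, because a plain > redirection is performed by the unprivileged shell and not by sudo):
sudo nft list ruleset | sudo tee {/etc/nftables.conf} > /dev/null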
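
The input chain above is created with policy accept, so its accept rule for selected ports does not restrict anything. The following script is an added example, not part of the tldr page: it writes the same inet filter input chain as a ruleset file with a default-drop policy, checks it, and loads it in one transaction. The function names, the candidate file path and the port list are assumptions.

```shell
#!/bin/sh
# Added example: the page's inet/filter/input chain as a ruleset file with a
# default-drop policy. Function names, file path and port list are assumptions.

# write_ruleset FILE PORTS: write a ruleset that admits only the listed TCP ports.
write_ruleset() {
    file=$1
    ports=$2    # comma-separated, e.g. "ssh, http, https"
    cat > "$file" <<EOF
# "flush ruleset" removes every existing table, including any nat table.
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept   # replies to traffic we started
        ct state invalid drop
        iif "lo" accept                       # loopback
        meta l4proto { icmp, ipv6-icmp } accept
        tcp dport { $ports } accept
    }
}
EOF
}

# load_ruleset FILE: check the file first (-c changes nothing), then load it.
# "nft -f" applies the file as one transaction, so a rejected rule leaves the
# running ruleset untouched.
load_ruleset() {
    sudo nft -c -f "$1" && sudo nft -f "$1"
}

# Run as: sh ruleset.sh apply [FILE]
if [ "${1:-}" = "apply" ]; then
    target=${2:-./nftables.candidate.conf}
    write_ruleset "$target" "ssh, http, https"
    load_ruleset "$target"
fi
```

Keep ssh in the port list when applying this over a remote session, since every port not listed is dropped for new connections.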
Copyright © 2014—present the tldr-pages team and contributors.
This work is licensed under the Creative Commons Attribution 4.0 International License (CC-BY).