From ArchWiki
Revision as of 17:11, 20 January 2014 by Yuvadm (talk | contribs) (Usage)
Jump to: navigation, search

nftables is the candidate for replacing iptables as the main Linux firewall utility from Linux kernel version 3.13 and on.

Currently, nftables is available on the AUR in package nftables-gitAUR.


Drop output to a destination:

# nft add rule ip filter output ip daddr drop

Drop packet to port 80:

# nft add rule ip filter input tcp dport 80 drop

Further reading