From the course: Complete Guide to Linux Security: Protecting Your Linux Server Environment

Introduction to nftables and the nft command

- If you want real control of firewalling, then you want to work more closely with Netfilter and the Linux kernel in general. And that means using nftables and sometimes the older iptables. If you take a look at the slide here, you can see a little diagram. Nftables and iptables are actual IP packet filtering and NAT tools, otherwise known simply as firewalls. They're used to set up, maintain, and inspect the packet filter rules within the Linux kernel. Let's look at this architecture of Linux from a high level just for a minute. The Linux kernel, meaning the core of the operating system, provides for Netfilter. That's a networking framework that can allow for packet filtering, network address translation, and port redirection, all directly at the kernel level. Netfilter is a set of hooks which alter how the operating system works. These functions will govern how packets of information are passed through the system. The older system for firewalling is iptables, and…