From the course: Complete Guide to Linux Security: Protecting Your Linux Server Environment
Introduction to nftables and the nft command - Linux Tutorial
Introduction to nftables and the nft command
If you want real control of firewalling, then you want to work more closely with the Netfilter and the Linux kernel in general. And that means using nftables and sometimes the older iptables. If you take a look at the slide here, you can see a little diagram. Nftables and iptables are actual IP packet filtering and NAT tools, otherwise known simply as firewalls. They're used to set up, maintain, and inspect the packet filter rules within the Linux kernel. Let's look at this architecture of Linux from a high level just for a minute. The Linux kernel, meaning the core of the operating system, provides for the Netfilter. That's a networking framework that can allow for packet filtering, network address translation, and port redirection all directly at the kernel level. The Netfilter is a set of hooks which alter how the operating system works. These functions will govern how packets of information are passed through the system. The older system for firewalling is iptables, and…
Contents
- Learning objectives (1m 34s)
- Introduction to nftables and the nft command (2m 34s)
- nftables setup (4m 5s)
- Tables > Chains > Rules (2m 31s)
- Building the nftables configuration, part 1 (8m 41s)
- Building the nftables configuration, part 2 (8m 39s)
- Saving and restoring the nftables configurations (8m 36s)
- Translating iptables to nftables (7m 49s)