Nftables

Aus xinux.net

Version vom 12. November 2019, 11:26 Uhr von Thomas.will (Diskussion | Beiträge)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)

Zur Navigation springen Zur Suche springen

Install

apt-get install nftables

Create a basic IPv4 table

nft add table inet filter

List that table

nft list table inet filter

table inet filter {
}

Create a chain for input traffic IPv4

nft add chain inet filter input { type filter hook input priority 0\; }

A rule to check that all is fine (IPv4)

nft add rule inet filter input counter accept

List that table

nft list table inet filter

table inet filter {
	chain input {
		type filter hook input priority 0; policy accept;
		counter packets 47 bytes 3100 accept
	}
}

Flush rules in chain filter/input

nft flush chain inet filter input

Delete the chain filter/input

nft delete chain inet filter input

Delete the table filter

nft delete table inet filter

Abgerufen von „https://xinux.net/index.php?title=Nftables&oldid=18837“