Designed by netfilter, to replace iptables.
Interfaces that normally had different cli commands are now all merged in one command (ex: iptables, ip6tables, arptables, ...).
nftables also introduces 1st tier tracing utilities to debug rules.

NOTE:

in nftables, unlike pf, the first matching rule is applied

Documentation

man nft (see toc) https://manpages.debian.org/testing/nftables/nft.8.en.html

official cheatsheet https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes

wiki https://wiki.nftables.org/wiki-nftables/index.php/Main_Page

archwiki https://wiki.archlinux.org/index.php/Nftables

Locations

/etc/nftables.conf ruleset

dmesg
journalctl --dmesg logging (requires 'LOG' rule) (grep-able)

Tutorials

compare nftables to iptables https://linux-audit.com/differences-between-iptables-and-nftables-explained/

Notes

nftables install

nftables usage

nftables logging

nftables syntax

Anonymous

Search

Nftables

Namespaces

More

Page actions

Contents

Documentation

Locations

Tutorials

Notes

Navigation

Navigation

Programs

QuickRef

Operating Systems

wiki pages

Wiki tools

Wiki tools

man nft (see toc)	https://manpages.debian.org/testing/nftables/nft.8.en.html
official cheatsheet	https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes
wiki	https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
archwiki	https://wiki.archlinux.org/index.php/Nftables

`/etc/nftables.conf`	ruleset
`dmesg` `journalctl --dmesg`	logging (requires 'LOG' rule) (grep-able)

Anonymous

Search

Nftables

Documentation

Locations

Tutorials

Notes

Navigation

Wiki tools

Page tools