# libnftnl

> Netlink programming interface to the Linux nf_tables subsystem

**Wikidata**: [Q116414384](https://www.wikidata.org/wiki/Q116414384)  
**Source**: https://4ort.xyz/entity/libnftnl

## Summary
**libnftnl** is a Netlink programming interface that provides userspace access to the Linux **nf_tables** subsystem, enabling packet filtering and network management. It is part of the **Netfilter** project and is distributed as **free software** under the **GNU General Public License, version 2.0 or later**.

## Key Facts
- **Part of Netfilter**: libnftnl is a component of the **Netfilter** framework, which provides packet filtering and network address translation for Linux.
- **Netlink Interface**: It serves as a userspace API for interacting with the **nf_tables** subsystem via Netlink sockets.
- **Free Software**: Distributed under the **GNU GPLv2+**, allowing users to freely run, study, modify, and distribute it.
- **Latest Stable Version**: **1.3.1** (released on **2025-12-03**), maintained by **Pablo Neira Ayuso**.
- **Platform Support**: Runs on **Linux kernel** and **Linux-libre**.
- **Package Availability**: Available in distributions like **Debian, Ubuntu, Arch Linux, and Gentoo**.
- **License**: **GNU General Public License, version 2.0 or later**.
- **Website**: Official project page at [https://www.netfilter.org/projects/libnftnl/index.html](https://www.netfilter.org/projects/libnftnl/index.html).
- **Source Code**: Hosted at [https://git.netfilter.org/libnftnl/](https://git.netfilter.org/libnftnl/).

## FAQs
### Q: What is libnftnl used for?
A: libnftnl provides a Netlink interface for interacting with the **nf_tables** subsystem in Linux, enabling packet filtering and network management tasks.

### Q: Is libnftnl free software?
A: Yes, libnftnl is distributed under the **GNU GPLv2+**, allowing users to freely run, study, modify, and distribute it.

### Q: Which Linux distributions include libnftnl?
A: libnftnl is available in **Debian, Ubuntu, Arch Linux, Gentoo**, and other distributions that support Netfilter and nftables.

### Q: Who maintains libnftnl?
A: The project is maintained by **Pablo Neira Ayuso**, a key developer in the Netfilter community.

### Q: How do I install libnftnl?
A: Installation varies by distribution. For Debian/Ubuntu, use `apt install libnftnl-dev`; for Arch Linux, use `pacman -S libnftnl`.

## Why It Matters
libnftnl is a critical component of the **nf_tables** ecosystem, providing the necessary userspace interface for managing network rules in Linux. It enables developers and system administrators to implement advanced packet filtering and network management without direct kernel modifications. By leveraging Netlink sockets, it ensures efficient communication between userspace applications and the kernel’s nf_tables subsystem. Its role in the Netfilter project underscores its importance in modern Linux networking, particularly in environments requiring high-performance firewalling and traffic control.

## Notable For
- **Netlink API for nf_tables**: First to provide a standardized userspace interface for nf_tables.
- **GPLv2+ Licensing**: Adheres to the open-source ethos while ensuring compatibility with Linux kernel licensing.
- **Cross-Distribution Support**: Available in major Linux distributions, ensuring broad adoption.
- **Active Maintenance**: Regular updates (latest release: **1.3.1**) reflect ongoing development and community support.
- **Integration with nftables**: Works seamlessly with the **nftables** userspace utility, enhancing Linux’s packet filtering capabilities.

## Body
### Overview
libnftnl is a **Netlink programming interface** designed to interact with the **nf_tables** subsystem in the Linux kernel. It serves as a bridge between userspace applications and the kernel’s networking stack, enabling packet filtering and network management.

### Development and Licensing
- **Maintainer**: **Pablo Neira Ayuso**, a key contributor to the Netfilter project.
- **License**: **GNU GPLv2+**, ensuring open-source compliance and community collaboration.
- **Latest Version**: **1.3.1** (released **2025-12-03**), with a focus on stability and bug fixes.

### Platform and Distribution
- **Operating System**: Primarily **Linux kernel** and **Linux-libre**.
- **Package Availability**:
  - **Debian/Ubuntu**: `libnftnl-dev`, `libnftnl-dev-doc`, `libnftnl11`.
  - **Arch Linux**: `libnftnl`.
  - **Gentoo**: `net-libs/libnftnl`.

### Technical Details
- **Netlink Interface**: Uses Netlink sockets for communication with the kernel.
- **Integration**: Works with **nftables**, the userspace utility for Linux packet filtering.
- **Source Code**: Hosted on the Netfilter Git server at [https://git.netfilter.org/libnftnl/](https://git.netfilter.org/libnftnl/).

### Historical Context
- **First Release**: Part of the Netfilter project, which began in the early 2000s to modernize Linux’s networking stack.
- **Evolution**: Replaced older tools like `iptables` by providing a more flexible and extensible framework.

### Community and Support
- **Active Development**: Regular releases (e.g., **1.2.8** in **2024-10-02**) indicate ongoing maintenance.
- **Documentation**: Available via Doxygen-generated docs in Debian/Ubuntu packages.

### Use Cases
- **Network Security**: Enables advanced packet filtering and firewalling.
- **Traffic Control**: Supports network management tasks like QoS and NAT.
- **Kernel Integration**: Facilitates interaction with the **nf_tables** subsystem without kernel modifications.

## References

1. [libnftnl 1.2.4 release. 2022](https://marc.info/?l=netfilter&m=166809337529461&w=2)
2. [libnftnl 1.2.5 release. 2023](https://marc.info/?l=netfilter&m=167839216212619&w=2)
3. [libnftnl 1.2.6 release. 2023](https://marc.info/?l=netfilter&m=168909466515144&w=2)
4. [libnftnl 1.2.7 release. 2024](https://marc.info/?l=netfilter&m=172104953916049&w=2)
5. [libnftnl 1.2.8 release. 2024](https://marc.info/?l=netfilter&m=172790952219283&w=2)
6. [libnftnl 1.2.9 release. 2025](https://marc.info/?l=netfilter&m=174465204825696&w=2)
7. [libnftnl 1.3.0 release. 2025](https://marc.info/?l=netfilter&m=175448002619828&w=2)
8. [[ANNOUNCE] libnftnl 1.3.1 release. 2025](https://marc.info/?l=netfilter&m=176479010617091&w=2)
9. [Source](https://packages.debian.org/source/bookworm/libnftnl)