# nftables

> userspace utility for Linux packet filtering

**Wikidata**: [Q7021717](https://www.wikidata.org/wiki/Q7021717)  
**Wikipedia**: [English](https://en.wikipedia.org/wiki/Nftables)  
**Source**: https://4ort.xyz/entity/nftables

## Summary
**nftables** is a userspace utility for Linux packet filtering, serving as a modern replacement for iptables. It is part of the Netfilter framework and is used to configure firewall rules, monitor network traffic, and implement packet filtering policies in Linux-based systems.

## Key Facts
- **Use**: Firewall and packet filtering utility for Linux.
- **License**: GNU General Public License, version 2.0.
- **Part of**: Netfilter framework.
- **Replaces**: iptables.
- **Maintained by**: Pablo Neira Ayuso.
- **Platform**: Linux kernel, Linux-libre, and Android.
- **Versions**: Notable releases include 0.9.4 (2020-04-01), 0.9.5 (2020-06-06), and 0.9.9 (2021-05-25).
- **Website**: [https://netfilter.org/projects/nftables/](https://netfilter.org/projects/nftables/), [https://www.nftables.org/](https://www.nftables.org/).
- **Programming Language**: C.

## FAQs
### Q: What is nftables used for?
A: nftables is used for packet filtering and firewall configuration in Linux systems. It allows users to define rules for monitoring and controlling network traffic based on security policies.

### Q: How does nftables differ from iptables?
A: nftables is a modern replacement for iptables, offering a more efficient and flexible syntax for defining firewall rules. It is part of the Netfilter framework and provides improved performance and scalability.

### Q: Who maintains nftables?
A: nftables is maintained by Pablo Neira Ayuso.

### Q: What platforms support nftables?
A: nftables is supported on Linux kernel, Linux-libre, and Android operating systems.

### Q: What license does nftables use?
A: nftables is licensed under the GNU General Public License, version 2.0.

## Why It Matters
nftables plays a crucial role in network security for Linux systems by providing a robust and flexible framework for packet filtering and firewall configuration. As a modern replacement for iptables, it offers improved performance, scalability, and a more intuitive syntax for defining complex network security rules. This makes it an essential tool for system administrators and security professionals who need to manage and secure network traffic effectively. By integrating with the Netfilter framework, nftables ensures that Linux systems can implement advanced security policies, monitor network activity, and protect against unauthorized access and cyber threats.

## Notable For
- **Modern Replacement**: nftables is the successor to iptables, offering a more efficient and flexible syntax for defining firewall rules.
- **Netfilter Integration**: It is part of the Netfilter framework, which is a key component of the Linux kernel's network stack.
- **Cross-Platform Support**: nftables is supported on various Linux-based platforms, including Linux-libre and Android.
- **Open Source**: It is licensed under the GNU General Public License, version 2.0, ensuring that it is freely available and can be modified by the community.
- **Active Maintenance**: nftables is actively maintained by Pablo Neira Ayuso, ensuring ongoing development and support.

## Body
### Overview
nftables is a userspace utility designed for packet filtering and firewall configuration in Linux systems. It is part of the Netfilter framework, which is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack.

### Features
- **Packet Filtering**: nftables allows users to define rules for filtering network packets based on various criteria such as source and destination IP addresses, port numbers, and protocols.
- **Firewall Configuration**: It provides a flexible syntax for configuring firewall rules, making it easier to manage complex security policies.
- **Performance**: nftables offers improved performance compared to its predecessor, iptables, due to its more efficient rule processing and reduced overhead.

### Versions
- **0.8.3**: Released on 2018-03-03.
- **0.9.0**: Released on 2018-06-08.
- **0.9.2**: Released on 2019-08-19.
- **0.9.3**: Released on 2019-12-02.
- **0.9.4**: Released on 2020-04-01.
- **0.9.5**: Released on 2020-06-06.
- **0.9.6**: Released on 2020-06-15.
- **0.9.7**: Released on 2020-10-27.
- **0.9.8**: Released on 2021-01-15.
- **0.9.9**: Released on 2021-05-25.

### Platforms
nftables is supported on the following platforms:
- **Linux kernel**: The primary platform for nftables.
- **Linux-libre**: A version of the Linux kernel without binary blobs.
- **Android**: The mobile operating system created by Google.

### Related Technologies
- **libnftnl**: A Netlink programming interface to the Linux nf_tables subsystem.
- **Netfilter**: The framework within the Linux kernel that provides the infrastructure for packet filtering, network address translation (NAT), and other network-related operations.

### Documentation
- **Man Pages**: nftables.8, nft.8.
- **Website**: [https://netfilter.org/projects/nftables/](https://netfilter.org/projects/nftables/), [https://www.nftables.org/](https://www.nftables.org/).

### Source Code
- **Repository**: [git://git.netfilter.org/nftables.git](git://git.netfilter.org/nftables.git), [https://git.netfilter.org/nftables/](https://git.netfilter.org/nftables/), [https://salsa.debian.org/pkg-netfilter-team/pkg-nftables.git](https://salsa.debian.org/pkg-netfilter-team/pkg-nftables.git).

## Schema Markup
```json
{
  "@context": "https://schema.org",
  "@type": "Thing",
  "name": "nftables",
  "description": "userspace utility for Linux packet filtering",
  "url": "https://netfilter.org/projects/nftables/",
  "sameAs": [
    "https://www.wikidata.org/wiki/Q186055",
    "https://en.wikipedia.org/wiki/Nftables"
  ],
  "additionalType": "https://schema.org/SoftwareApplication"
}

## References

1. [netfilter/iptables project homepage - News of the netfilter/iptables project](https://www.netfilter.org/news.html#2018-03-03)
2. [netfilter/iptables project homepage - News of the netfilter/iptables project](https://www.netfilter.org/news.html)
3. [Source](https://www.netfilter.org/news.html#2019-08-19b)
4. [Source](https://www.netfilter.org/news.html#2019-12-02)
5. [nftables 0.9.3 release. 2019](https://marc.info/?l=netfilter&m=157532146917292&w=2)
6. [nftables 0.9.4 release. 2020](https://marc.info/?l=netfilter&m=158575148505527&w=2)
7. [nftables 0.9.5 release. 2020](https://marc.info/?l=netfilter&m=159144250132190&w=2)
8. [nftables 0.9.6 release. 2020](https://marc.info/?l=netfilter&m=159225380419197&w=2)
9. [nftables 0.9.7 release. 2020](https://marc.info/?l=netfilter&m=160379555303808&w=2)
10. [nftables 0.9.8 release. 2021](https://marc.info/?l=netfilter&m=161074809318720&w=2)
11. [nftables 0.9.9 release. 2021](https://marc.info/?l=netfilter&m=162197756905358&w=2)
12. [nftables 1.0.0 release. 2021](https://marc.info/?l=netfilter&m=162939459210790&w=2)
13. [nftables 1.0.1 release. 2021](https://marc.info/?l=netfilter&m=163724233607275&w=2)
14. [nftables 1.0.2 release. 2022](https://marc.info/?l=netfilter&m=164546566103765&w=2)
15. [nftables 1.0.3 release. 2022](https://marc.info/?l=netfilter&m=165399194307396&w=2)
16. [nftables 1.0.4 release. 2022](https://marc.info/?l=netfilter&m=165461289522999&w=2)
17. [nftables 1.0.5 release. 2022](https://marc.info/?l=netfilter&m=166007475409847&w=2)
18. [[ANNOUNCE] nftables 1.0.6 release. 2022](https://www.mail-archive.com/netfilter-announce@lists.netfilter.org/msg00252.html)
19. [nftables 1.0.7 release. 2023](https://marc.info/?l=netfilter&m=167873533514569&w=2)
20. [nftables 1.0.8 release. 2023](https://marc.info/?l=netfilter&m=168933264008248&w=2)
21. [nftables 1.0.9 release. 2023](https://marc.info/?l=netfilter&m=169771597127268&w=2)
22. [[ANNOUNCE] nftables 1.1.0 release. 2024](https://marc.info/?l=netfilter&m=172116299430028&w=2)
23. [[ANNOUNCE] nftables 1.1.1 release. 2024](https://marc.info/?l=netfilter&m=172790974719428&w=2)
24. [[ANNOUNCE] nftables 1.1.2 release. 2025](https://marc.info/?l=linux-netdev&m=174465273226340&w=2)
25. [[ANNOUNCE] nftables 1.1.3 release. 2025](https://marc.info/?l=linux-netdev&m=174532190918048&w=2)
26. [nftables 1.1.4 release. 2025](https://marc.info/?l=netfilter&m=175448255121305&w=2)
27. [[ANNOUNCE] nftables 1.1.5 release. 2025](https://marc.info/?l=netfilter&m=175633023917258&w=2)
28. [nftables 1.0.6.1 (stable) release. 2025](https://marc.info/?l=netfilter&m=175676782629098&w=2)
29. [[ANNOUNCE] nftables 1.1.6 release. 2025](https://marc.info/?l=netfilter&m=176494669804632&w=2)