nftables
Modern framework for packet filtering and classification replacing iptables.
Synopsis
nft [OPTION]... [COMMAND]
Examples
sudo nft list ruleset
sudo nft add table inet filter
sudo nft add rule inet filter input tcp dport 80 accept
sudo nft flush ruleset
Common options
| Command or flag | Description |
|---|---|
| list ruleset | Show all tables, chains, and rules |
| add rule | Add a new rule to an existing chain |
| delete rule | Remove a rule |
| flush ruleset | Remove all tables, chains, and rules |
| -f | Read commands from file |
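The page's `add table` and `add rule` examples written as a ruleset file for `nft -f`, as an added example that is not part of the original page. The file path, the SSH rule on port 22, the ICMP rule and the default-drop policy are assumptions; the `input` base chain is declared because `add rule ... input` only works once that chain exists.

```shell
#!/bin/sh
# Added example: function names and rule choices are illustrative assumptions.

# Write a ruleset file that replaces only the "inet filter" table.
write_ruleset() {
    cat > "$1" <<'EOF'
# Declare the table so the delete cannot fail, drop it, then define it fresh.
# This swaps one table and leaves any other tables in the ruleset alone.
table inet filter
delete table inet filter

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop
        iif "lo" accept
        meta l4proto { icmp, ipv6-icmp } accept
        tcp dport 22 accept   # assumption: keep SSH reachable
        tcp dport 80 accept   # the rule from the page's example
    }
}
EOF
}

# Dry-run the file with -c (check only, nothing is applied), then load it.
load_ruleset() {
    nft -c -f "$1" || { echo "ruleset rejected: $1" >&2; return 1; }
    nft -f "$1"
}

# Usage (as root):
#   write_ruleset /tmp/web.nft && load_ruleset /tmp/web.nft && nft list ruleset
```

`nft -f` applies the file as a single transaction, so a file with an error leaves the running ruleset unchanged.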
About nftables
`nft` is the command-line tool for nftables, the modern framework for packet filtering and classification that replaces iptables. Networking commands handle connectivity testing, DNS resolution, data transfer, remote access, firewall rules, and traffic analysis.
Linux is the dominant server operating system, and strong networking skills are essential for web hosting, container orchestration, security auditing, and infrastructure management. The table above lists 5 commonly used subcommands and flags; the full set of options is available in the man page (`man nft`).
The 4 examples on this page cover typical real-world usage patterns that you can copy and adapt for your own workflows.