
What is Nftables?

The modern Linux packet filtering framework that replaces iptables with a unified, more efficient rule-processing architecture.

Nftables succeeds iptables, ip6tables, arptables, and ebtables with a single framework. Key improvements include a unified syntax for IPv4 and IPv6, atomic rule replacement (an entire ruleset can be updated in one step, without flickering), built-in set and map data structures for efficient matching, better performance from a virtual machine that processes the rules, and a cleaner rule syntax through the nft command. Like iptables, nftables is organized into tables, chains, and rules, but with more flexibility. It supports named sets, concatenations, and stateful packet tracking. Most modern Linux distributions ship with nftables as the default backend.
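
The features listed above, shown together in one ruleset file. This is an added example, not taken from the original page: the addresses are constructed from documentation ranges, and the set names and port choices are assumptions.

```nftables
#!/usr/sbin/nft -f
# Constructed example ruleset (addresses, set names and ports are assumptions).

# Atomic replacement: when this file is loaded with `nft -f`, the flush and
# everything below it are applied as one transaction, or not at all.
flush ruleset

# "inet" family: one table holds both IPv4 and IPv6 rules.
table inet filter {
    # Named sets: one lookup replaces one rule per address.
    set admin_v4 {
        type ipv4_addr
        flags interval
        elements = { 192.0.2.0/24, 198.51.100.7 }
    }

    set admin_v6 {
        type ipv6_addr
        flags interval
        elements = { 2001:db8:1::/48 }
    }

    # Concatenation: match (source address, destination port) pairs together.
    set svc_allow {
        type ipv4_addr . inet_service
        elements = { 203.0.113.10 . 5432, 203.0.113.11 . 6379 }
    }

    chain input {
        type filter hook input priority 0; policy drop;

        # Stateful tracking: allow replies, discard packets conntrack rejects.
        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # ICMP and ICMPv6 (IPv6 neighbour discovery depends on the latter).
        meta l4proto { icmp, ipv6-icmp } accept

        # SSH only from the administrative sets, per address family.
        tcp dport 22 ip saddr @admin_v4 accept
        tcp dport 22 ip6 saddr @admin_v6 accept

        # Per-client service access through the concatenated set.
        ip saddr . tcp dport @svc_allow accept

        # Public web ports, IPv4 and IPv6 alike.
        tcp dport { 80, 443 } accept
    }
}
```

Running `nft -c -f` on the file checks it without applying it. Because `flush ruleset` removes every table, including those installed by other tools on the host, flushing only your own table is the safer choice on a shared system.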

Related Terms

Disk Quota
A system for limiting the amount of disk space or number of files that individual users or groups can consume on a filesystem.
Curl
A versatile command-line tool for transferring data using various network protocols, commonly used for API testing.
Nohup
A command that runs a process immune to hangup signals, allowing it to continue after the terminal session ends.
AppArmor
A Linux security module that restricts program capabilities using per-application profiles, simpler to configure than SELinux.
RAID
Redundant Array of Independent Disks — a technology combining multiple physical drives into a single unit for performance, redundancy, or both.
SELinux
Security-Enhanced Linux — a mandatory access control system that confines programs to minimum required privileges beyond standard file permissions.