Beginners guide to traffic filtering with nftables

The replacement of iptables is known as nftables. In this article, we learn to install nftables and configure it, to secure your Linux systems.


Learn how to use nftables in this introduction guide to the tool. With common examples, frequently asked questions, and generic tips.

Differences between iptables and nftables explained

An overview of the differences between firewall technologies iptables and nftables. We highlight the major differences like simplicity and management.


The seasoned Linux administrator will be familiar with iptables, the network traffic filter. If you ever configured a Linux system with an ethernet bridge configuration, you might even have worked with ebtables. Or possibly you wanted to filter ARP traffic and used arptables? Newcomer nftables has arrived, with the purpose to replace iptables, ip6tables, ebtables and arptables. As with every big upcoming change, it is good to know the differences. We explain what makes nftables different to iptables, and why you want to adopt it in the near future.

Block IP addresses in Linux with iptables

Use iptables and ipset to create a blacklist and block one or more IP addresses on Linux. This guide will explain how to use and configure blacklists.


Most system administrators will already be familiar with iptables. It is around for quite a while and is enabled by default within the Linux kernel. We can use iptables to block one, multiple IP addresses, or even full networks. This may come in handy when you get repeating port scans or see failed login attempts in your log files. Time to get started and block some IP addresses! Check existing iptables configuration The first step is to validate existing iptables rules.