How to define port range in nftables
8,852
A simple dash without braces should do the trick:
tcp dport 1000-2000 accept
More examples of ranges and sets can be found in the official wiki wiki.nftables.org Intervals
Related videos on Youtube
08 : 51
Getting Started with nftables Firewall in Debian
04 : 35
RHCSA 8 - nftables compared with iptables / ip6tables
![NFTABLES [PART - 1] : "Concept and Syntax"](https://i.ytimg.com/vi/lHLPZlZLWgs/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLABANVKQNMwM6Zf-AfNbYR1nSJ-Dw)
09 : 30
NFTABLES [PART - 1] : "Concept and Syntax"
56 : 58
Tutorial: Firewalls with NFtables - John Hawley, VMware
12 : 21
Forward a TCP port to another IP or port using NAT with nftables
01 : 37
DevOps & SysAdmins: How to define port range in nftables?
12 : 44
16 nftables – A More Universal Type of Firewall System
Author by
Lamnk
Updated on September 18, 2022Comments
-
Lamnk over 1 year
I want to open a range of TCP ports in
nftableson my servers.Normally, in netfilter/iptables I can write the rule like this
iptables -A INPUT -p tcp 1000:2000 -j ACCEPTI tried to write in the same way in
/etc/nftables.conftcp dport {1000:2000} acceptbut
nftreports/etc/nftables.conf:24:15-24: Error: mapping outside of map context tcp dport {1000:2000} accept ^^^^^^^^^^