Where to get nftables?
Solution 1
I too am looking for nftables, but as I understand, with 14.04 we have the 3.13 Kernel, and the 3.13 Kernel is the first version to get Nftables merged into it. Merging does not mean working, it just means the code is to a degree good and can be merged without creating other problems.
iptables is still in the 14.04 and on any other distro until nftables gets a stable release (More so than the 0.3 that was again merged with the Kernel). This, with the fact that nft user-space utils are not there yet will make the wait for nftables a bit longer.
With that in mind, if you don't want to wait you can use the Nftables step by step installation which includes git cloning the Linux kernel and settings other variables so that you can have Nftables working on your end. This information can be found in regit.org
Aside from this, here is a feature request
Solution 2
Starting from the very beginning of the 2018 nftable framework is ready to use in production environments. It supports 3/4 of the existing iptables features, although it provides new features that you cannot find in iptables.
Framework requires to have kernel >= 3.13, but running a newer kernel >= 4.10 is recommended. After
apt install nftables
Note: Make sure you don't run both iptables together with nftables.
There is a tool to convert from iptables configuration into nftables configuration:
https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables
Start by issuing the command nft -a list ruleset and start building from there. The list of rulesets will not be empty by default.
Solution 3
apt-get install nftables
root@forevernow ~ # cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.2 LTS"
Related videos on Youtube
08 : 51
02 : 21
![NFTABLES [PART - 1] : "Concept and Syntax"](https://i.ytimg.com/vi/lHLPZlZLWgs/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLABANVKQNMwM6Zf-AfNbYR1nSJ-Dw)
09 : 30
![NFTABLES [Part - 2] : LIVE DEMO!](https://i.ytimg.com/vi/MFJA7T2nFMc/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLCN-jtlNKJfi6ZclEvnIurbeFWSzQ)
15 : 52
41 : 42
0xC0000022L
human father bibliophile geek & ~nerd misanthropic philanthropist skeptic code necromancer programmer reverse engineer (RCE) / software archaeologist / grayhat hacker moderator on reverseengineering system administrator FLOSS enthusiast Debian, FreeBSD and Ubuntu aficionado
Updated on September 18, 2022Comments
-
0xC0000022L over 1 year
As far as I understand the kernel facility
nftablesexists in the kernel that comes with Ubuntu 14.04. As is proven by the following two commands:# grep -E '(NF_TABLES|NFT_)' /boot/config-$(uname -r) CONFIG_NF_TABLES=m CONFIG_NFT_EXTHDR=m CONFIG_NFT_META=m CONFIG_NFT_CT=m CONFIG_NFT_RBTREE=m CONFIG_NFT_HASH=m CONFIG_NFT_COUNTER=m CONFIG_NFT_LOG=m CONFIG_NFT_LIMIT=m CONFIG_NFT_NAT=m CONFIG_NFT_COMPAT=m CONFIG_NF_TABLES_IPV4=m CONFIG_NFT_REJECT_IPV4=m CONFIG_NFT_CHAIN_ROUTE_IPV4=m CONFIG_NFT_CHAIN_NAT_IPV4=m CONFIG_NF_TABLES_ARP=m CONFIG_NF_TABLES_IPV6=m CONFIG_NFT_CHAIN_ROUTE_IPV6=m CONFIG_NFT_CHAIN_NAT_IPV6=m CONFIG_NF_TABLES_BRIDGE=m # lsmod |grep nf nf_conntrack_ipv4 15012 1 nf_defrag_ipv4 12758 1 nf_conntrack_ipv4 nf_nat_ipv4 13263 1 iptable_nat nf_nat 21798 3 ipt_MASQUERADE,nf_nat_ipv4,iptable_nat nf_conntrack 96976 5 ipt_MASQUERADE,nf_nat,nf_nat_ipv4,iptable_nat,nf_conntrack_ipv4However,
apt-file search nftablesdoes not yield any results, nor doesapt-cache search nftables.So where can I get the new frontend for
nftables, i.e. thenftablesprogram matching the kernel modules?-
Panther about 10 yearsI do not have any experience , but there is a how to here - home.regit.org/netfilter-en/nftables-quick-howto . I am not sure how much or how little of that is in the ubuntu repositories, my guess is not much =). If the link I gave you works, it can be converted into an answer. -
Panther about 10 yearsHere is a ppa - launchpad.net/~xuzhen666/+archive/nftables
-