Nftables: Difference between revisions
GregoryPower (talk | contribs) m add link to nftables wiki |
GregoryPower (talk | contribs) m add spacing |
||
| Line 1: | Line 1: | ||
This page is a work-in-progress, please reference the [https://wiki.nftables.org/ nftables wiki],[https://netfilter.org/projects/nftables/ netfilter.org's webpage on the nftables project] or the [https://wiki.archlinux.org/title/Nftables archlinux wiki page for nftables]. | This page is a work-in-progress, please reference the [https://wiki.nftables.org/ nftables wiki], [https://netfilter.org/projects/nftables/ netfilter.org's webpage on the nftables project], or the [https://wiki.archlinux.org/title/Nftables archlinux wiki page for nftables]. | ||
=== Enabling nftables via options === | === Enabling nftables via options === | ||
Revision as of 17:50, 24 May 2026
This page is a work-in-progress, please reference the nftables wiki, netfilter.org's webpage on the nftables project, or the archlinux wiki page for nftables.
Enabling nftables via options
Whether to enable nftables and use nftables based firewall if enabled. nftables is a Linux-based packet filtering framework intended to replace frameworks like iptables.
Note that if you have Docker enabled you will not be able to use nftables without intervention. Docker uses iptables internally to setup NAT for containers. This module disables the ip_tables kernel module, however Docker automatically loads the module. Please see https://github.com/NixOS/nixpkgs/issues/24318#issuecomment-289216273 for more information.
There are other programs that use iptables internally too, such as libvirt. For information on how the two firewalls interact, see https://wiki.nftables.org/wiki-nftables/index.php/Troubleshooting#Question_4._How_do_nftables_and_iptables_interact_when_used_on_the_same_system.3F.
Some network configurations may prevent VMs from having network access, see https://wiki.nixos.org/wiki/Networking#Virtualization.
networking.nftables.enable = true