Goodbye Iptables; Hello Nftables


Linux kernel 3.13 starts the transition to a new Linux firewall system.

Linux kernel 3.13 is now in the wild, and with it, the new nftables firewall system that will eventually replace the venerable iptables firewall.
Nftables was created by the authors of the netfilter system that operates in the background of iptables, and like iptables, nftables will depend on netfilter.
The new firewall has been in development for years and is expected to provide improved reporting, reduced code duplication, better performance, and other benefits. Nftables is designed for backwards compatibility with iptables firewall rules.
For those who favor a more gradual transition, iptables will still be available in Linux 3.13, although the netfilter community probably won't be supporting both versions indefinitely. The announcement applies to the official kernel version provided by the Linux kernel development community. If you get your Linux through a mainstream distribution like Fedora, Ubuntu, SUSE, etc., you'll need to wait for your distro to implement Linux 3.13 or a later version that includes the new nftables firewall.

