About Rulesets and Tables
nftables includes rulesets that contain all configuration structures within
nftables. Tables are the top level structure in rulesets within which are contained various
objects such as chains, rules, and so on.
Managing Rulesets and Tables
To manage
nftable rulesets and tables in memory, do the following:
-
Create a table for a specific address family type using the following syntax:
sudo nft add table <address_family> <table_name>
In the previous,- <address_family> can be
ip,ip6,inet,arp,bridge, ornetdev. Allnftablesobjects are in one of these address families. For more information about these address families, see thenft(8)manual page. - <table_name> is the name of the table. Tables contain chains, which in turn contain rules.
For example, the following command creates a table calledmytablewith the inet family, which includes addresses for IP version 4 and 6:sudo nft add table inet mytable - <address_family> can be
- Do the following:
- To view all rulesets, do the following:
sudo nft list ruleset - To view a single table, do the following:
sudo nft list table <address_family> <table_name>
- To view all rulesets, do the following: