nftables

Hi everyone. I am setting up my firewall and want to close services, which open in docker too, in one place. So, my rules look like this: nft add table inet PREROUTING nft 'add chain inet PREROUTING lower_filter { type filter hook prerouting priority -130; policy drop; }' nft add rule inet...

Hi everyone, I'm trying to do a apt --update but I get -> So the DNS resolution is passing but not to connection to deb.devuan.org:80 :( It's my nftables that block it but I don't what to open to allow the connection Here my nftables table ip6 Tip6 { chain chPR { type filter...

OS: Debian 11 x86_64 I am looking to convert some of my iptable rules to nftables. I have tried to use iptables-translate, but it is not translating all of my rules. My original iptables script: #!/bin/sh sudo apt install iptables # accept ports 500 and 4500, required for IKEv2 sudo...

Hi everyone, I followed this tutorial to externalize my nftables log to another log than /var/log/messages it work, unfortunately the date format is I would like to change it to something close to I've looked in the ulogd documentation but found nothing about it... Any ideas ? or other...

Hi everyone, How can we add saddr to icmp ? for example table ip Tip { type filter hook input priority 0; policy drop; icmp type echo-request counter log prefix "echo: " accept } How can I specify a source address ? I've tried table ip Tip { type filter hook input priority 0...