1. CaffeineAddict

    Solved Are iptables an obstacle if using nftables?

    I have nftables configured and that's what's used for firewalling, but out of curiosity I've run iptables in terminal and figured out it's installed and configured to allow all traffic. I'm not sure how is it possible that 2 firewalls are installed at the same time. I don't know if iptables...
  2. A

    How to use connection tracking with Forward?

    Hi everyone. I am setting up my firewall and want to close services, which open in docker too, in one place. So, my rules look like this: nft add table inet PREROUTING nft 'add chain inet PREROUTING lower_filter { type filter hook prerouting priority -130; policy drop; }' nft add rule inet...
  3. SpongeB0B

    [Solved] Allow apt in nftables

    Hi everyone, I'm trying to do a apt --update but I get -> So the DNS resolution is passing but not to connection to :( It's my nftables that block it but I don't what to open to allow the connection Here my nftables table ip6 Tip6 { chain chPR { type filter...
  4. U

    IPtables rules to NFTables rules

    OS: Debian 11 x86_64 I am looking to convert some of my iptable rules to nftables. I have tried to use iptables-translate, but it is not translating all of my rules. My original iptables script: #!/bin/sh sudo apt install iptables # accept ports 500 and 4500, required for IKEv2 sudo...
  5. SpongeB0B

    How change date format of ulogd2 ?

    Hi everyone, I followed this tutorial to externalize my nftables log to another log than /var/log/messages it work, unfortunately the date format is I would like to change it to something close to I've looked in the ulogd documentation but found nothing about it... Any ideas ? or other...
  6. SpongeB0B

    [solved] nftables how add saddr to icmp ?

    Hi everyone, How can we add saddr to icmp ? for example table ip Tip { type filter hook input priority 0; policy drop; icmp type echo-request counter log prefix "echo: " accept } How can I specify a source address ? I've tried table ip Tip { type filter hook input priority 0...