Netfilter is the framework that powers packet filtering, NAT (Network Address Translation), and network packet mangling in the Linux kernel. It serves as the foundation for network security and traffic control tools, most notably iptables and its suc...

To automatically load your nftables masquerade rules at boot, you need to create a systemd service that will apply the /etc/nftables/nft-masquerade.nft file when the system starts. 🛠️ Step 1: Create the Systemd Service Open a terminal and create a ...

Network Address Translation (NAT) is a fundamental networking function, used by businesses of all sizes to connect multiple devices to the internet while conserving public IP addresses. When done correctly, NAT should be seamless—ensuring VPNs, VoIP ...

Linux hosts of various types can be protected using Threat Intelligence feeds and various blocking techniques. Here is a variant I’ve used that is done in bash. The script uses nftables and has the package iprange as a dependency. /usr/local/sbin/extra...

In this article, I will write a write-up for Firewall Fundamentals that covers What is the Purpose of a Firewall, Types of Firewalls, Rules in Firewalls, Windows Defender Firewall, and Linux iptables Firewall. Which security solution inspects the in...

In the vast realm of Linux networking, there's a rising star that's changing the game – nftables! 🌟 This packet filtering framework and network manipulation tool is here to revolutionize how you protect and manage your network. So, what's the fuss a...

At this time, Docker isn't compatible with nftables. This is how you can do it, with an example using Drone CI (Docker Runner). Docker fix for nftables (systemd way) We need to fix docker.service using a little fix to disable iptables and fix the IP range...
