Nftables
Overview
nftables is the modern Linux firewall interface for netfilter.
It replaces many separate tools (iptables, ip6tables, arptables, ebtables) with a unified ruleset and syntax.
Why It Exists
Cleaner rule model and syntax compared to iptables.
Easier to express sets/maps and more complex policies.
Unified IPv4/IPv6 handling (depending on family and ruleset design).
Practical Notes
Many distros ship iptables as a wrapper over nftables; always confirm what backend you’re actually using.
Frontends like firewalld may manage nftables under the hood.
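
One way to do the check from the two notes above, as an added example that is not part of the original page: `classify_iptables_backend` reads the variant suffix that iptables 1.8 and later print in `iptables -V`, and `table_hints` labels the output of `nft list tables`. The function names, the `--live` switch and the table-name heuristic are assumptions of this example.

```shell
#!/bin/sh
# Added example: function names and the table-name heuristic are assumptions.

# classify_iptables_backend "<output of iptables -V>"
# Prints nf_tables, legacy or unknown.
classify_iptables_backend() {
    case "$1" in
        *"(nf_tables)"*)       echo nf_tables ;;  # iptables-nft wrapper
        *"(legacy)"*)          echo legacy ;;     # classic xtables backend
        "iptables v1."[0-7].*) echo legacy ;;     # before 1.8: no suffix printed
        *)                     echo unknown ;;
    esac
}

# table_hints: reads `nft list tables` output on stdin and prints
# "<family> <table> <hint>" per table. Heuristic only: firewalld names its
# table "firewalld"; the *tables-nft wrappers reuse the classic table names.
table_hints() {
    while read -r kw family name; do
        [ "$kw" = table ] || continue
        hint=native
        case "$name" in
            firewalld) hint=firewalld ;;
            filter|nat|mangle|raw|security)
                case "$family" in
                    ip|ip6|arp|bridge) hint=iptables-nft-layout ;;
                esac ;;
        esac
        echo "$family $name $hint"
    done
}

# Live check (nft needs root): sh check-backend.sh --live
if [ "${1:-}" = "--live" ]; then
    echo "iptables backend: $(classify_iptables_backend "$(iptables -V 2>&1)")"
    nft list tables 2>/dev/null | table_hints
fi
```

A `legacy` result next to a populated `nft list ruleset` means two rule sets are active at once, so review both before trusting either.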