On Wed, 08 Apr 2026 14:05:18 +0200 Roy <[email protected]> wrote:
> > > > Can you suggest some good documentation to start with? As I mentioned, > there is a lot of outdated information, and it’s really difficult to > filter out what’s essential. > Any tutorial based on nftables will be fairly recent and certainly applicable. Most of the obsolete stuff is going to be iptables and the older frontends. Even so, there's a means of translating iptables code to nftables, so if you find something really useful in iptables, it can probably be ported fairly easily. As to frontends: I haven't tried one for a long time, but they basically simplify the compact but not greatly readable syntax of nftables, and iptables before it. The other edge of that blade is that they cannot do everything you can do with the raw kernel-driving code. It's a steep learning curve if you're not previously familiar with iptables (and still somewhat steep if you are) but it gives you more control. As an aside, I don't do it much now, but I used to use iptables quite a lot as a cheap and nasty logging tool, nowhere near as versatile as Wireshark and the others, but if you just want to see if a particular protocol is getting in or out of somewhere, it's very quick to add a logging rule. A little harder with nftables. -- Joe
