doc/source/system/net/nftables.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

<!DOCTYPE html>
<html>
	<head>
    	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    	<meta http-equiv="Content-Language" content="en" />
		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
    	<title>nftables service</title>
    	<meta name="Description" content="System oneshot to set the firewall up using nftables." />
    	<meta name="Keywords" content="goetia s6-rc Linux net firewall system supervision tree" />
	</head>
	<header>
		<p>
			<a href="//0x53.net/software/goetia/goetia-linux">goetia-linux</a>
			<br />
			<a href="//0x53.net/software/goetia">goetia</a>
			<br />
			<a href="//0x53.net/software">Software</a>
			<br />
			<a href="//0x53.net">0x53.net</a>
		</p>
	</header>
	<body>
		<h1>The nftables service</h1>
		<p>
    		nftables is a
    		<a href="https://skarnet.org/software/s6-rc/s6-rc-compile.html#source">oneshot service</a>
    		to use
    		<a href="https://wiki.nftables.org/wiki-nftables/index.php/Main_Page">nftables</a>
		</p>
		<ul>
    		<li>
        		It runs <code>nft -f /etc/nftables.rules</code>
        		when it is started.
    		</li>
    		<li>
        		It runs <code>nft flush ruleset</code>
        		when it is stopped.
    		</li>
		</ul>
	</body>
</html>