Differences

This shows you the differences between two versions of the page.

--- linux_router:nftables [2023-09-19 Tue wk38 20:05] – [Sample NFTables configuration] baumkp
+++ linux_router:nftables [2024-09-21 Sat wk38 20:29] (current) – [iptables] baumkp
@@ Line 1: / Line 1: @@
 {{tag>linux router NFtables firewall}}
 =====NFTables Configuration=====
 The best reference for nftables is at the dedicated wiki [[https://wiki.nftables.org/|wiki nftables]]. Some other references I found [[https://gist.github.com/wolfhechel/db7ed3be31feb104752e|nftables router]]. The reference at stosb is good, but not for a router [[https://stosb.com/blog/explaining-my-configs-nftables/|Explaining My Configs: nftables]].
@@ Line 7: / Line 6: @@
 Dont forget to ensure the router is allowed to forward packets:
-  * ''sudo sysctl net.ipv6.ip_forward'' to check
+  * ''sudo sysctl net.ipv4.ip_forward'' to check
-  * ''sudo sysctl net.ipv6.ip_forward=1'' to set or =0 turn off
+  * ''sudo sysctl net.ipv4.ip_forward=1'' to set or =0 turn off
   * ''sudo sysctl net.ipv6.conf.all.forwarding=1'' similar for ipv6
+====iptables====
+It is not a good idea to have both iptables and nftables rules setup at the same time.
+  *To check existing iptables rules: ''sudo iptables -S'', the output should be as follows, indicating no restrictions:
+<code text>-P INPUT ACCEPT
+-P FORWARD ACCEPT
+-P OUTPUT ACCEPT</code>
+  *The iptables rules can be flushed with ''sudo iptables -F''.
 ====Sample NFTables configuration====