linux_router:nftables

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
linux_router:nftables [2023-09-19 Tue wk38 19:59] – [Sample NFTables configuration] baumkplinux_router:nftables [2023-11-05 Sun wk44 14:06] (current) – [NFTables Configuration] baumkp
Line 7: Line 7:
  
 Dont forget to ensure the router is allowed to forward packets: Dont forget to ensure the router is allowed to forward packets:
-  * ''sudo sysctl net.ipv6.ip_forward'' to check +  * ''sudo sysctl net.ipv4.ip_forward'' to check 
-  * ''sudo sysctl net.ipv6.ip_forward=1'' to set or =0 turn off+  * ''sudo sysctl net.ipv4.ip_forward=1'' to set or =0 turn off
   * ''sudo sysctl net.ipv6.conf.all.forwarding=1'' similar for ipv6    * ''sudo sysctl net.ipv6.conf.all.forwarding=1'' similar for ipv6 
 ====Sample NFTables configuration==== ====Sample NFTables configuration====
Line 273: Line 273:
  
 ++++mail server ports:| ++++mail server ports:|
-  * smtp {25} / smtps {465} +  * smtp {25} / (smtps) submissions {465} / submission {587} - (My mail server uses smtp / submission on ports 25 / 587 respectivily) 
-  * imap {143} / imaps {993}  (My mail server uses starttls with 143) +  * imap {143} / imaps {993} (My mail server uses starttls on port 143) 
-  * +  * pop3 {110} / pop3s {995} - who still uses pop3? 
 +''nft'' translates ports to service namesas defined in /etc/services
 ++++ ++++
 ===Some configuration notes=== ===Some configuration notes===
  • /app/www/public/data/attic/linux_router/nftables.1695124778.txt.gz
  • Last modified: 2023-09-19 Tue wk38 19:59
  • by baumkp