Projects / nftables


nftables aims to replace the existing {ip,ip6,arp,eb}tables framework. It provides a new packet filtering framework, a new userspace utility, and a compatibility layer for {ip,ip6}tables. nftables is built upon the building blocks of the Netfilter infrastructure such as the existing hooks, the connection tracking system, the userspace queueing component, and the logging subsystem.

Operating Systems

Recent releases

  •  14 Apr 2014 12:10

    Release Notes: This release contains support for the new features in the 3.14 kernel, bugfixes, documentation updates, and more. Among the more prominent new features are hybrid IPv4/IPv6 tables, queue load balancing, and support to change packet and conntrack meta data. This release additionally fixes all known issues on big endian platforms and should be fully functional.

    •  20 Jan 2014 14:22

      Release Notes: This is the first release intended for end users. It is required to use the new nf_tables firewalling infrastructure of the Linux 3.13 kernel. Further information, including how to get started, can be found in the release announcement.


      Project Spotlight


      A Fluent OpenStack client API for Java.


      Project Spotlight

      TurnKey TWiki Appliance

      A TWiki appliance that is easy to use and lightweight.