Name

nftables.service — Static Firewall Configuration with nftables.service

Description

An nftables systemd service is provided which allows to setup static firewall rulesets based on a configuration file.

To use this service, you need to create the main configuration file in /etc/nftables/rules/main.nft. A template for this can be copied from /usr/share/doc/nftables/main.nft. Alternatively, `nft list ruleset >main.nft` could be used to save the active configuration (if any) to the file.

Once the desired static firewall configuration is in place, it can be tested by running `systemctl start nftables.service`. To enable the service at boot time, run `systemctl enable nftables.service`.

See also

nft(8)