nftables is the new packet classification framework that replaces iptables.
This snap provides the latest version of the nft command-line utility, with the
intention of replacing the outdated and buggy packages provided by mainline Linux distributions.
For documentation on how to use nftables, see https://wiki.nftables.org/
You may want to create a system-wide alias:
    snap alias nftables-pk.nft nft
Quick example (simple packet counter, not hooked to real traffic):
    nft add table inet main
    nft add chain inet main input
    nft add rule inet main input counter accept
    nft list ruleset
If you use snapd older than 2.41 you will need the following after installation:
    snap connect nftables-pk:network-control
Remember to update your nftables scripts to point to /snap/bin/nft and move
your scripts from /etc/nftables to /var/snap/nftables-pk/common.
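The chain in the quick example has no hook, which is why it never sees real traffic. The ruleset file below is an added example, not part of the snap's own documentation: it shows the same table with a base chain attached to the input hook. The file name ruleset.nft, the chain name count_ssh and the SSH port 22 are assumptions.

```nftables
# Added example, not shipped with the snap.
# Assumed location: /var/snap/nftables-pk/common/ruleset.nft
# Load with:        nft -f /var/snap/nftables-pk/common/ruleset.nft

# Declare the table (a no-op if it already exists), then delete it,
# so that reloading this file replaces only "inet main" and leaves
# any other tables on the host untouched.
table inet main
delete table inet main

table inet main {
    # Regular chain: no "hook" line, so the kernel never sends
    # packets here directly. It only runs when another chain
    # jumps to it, like the unhooked chain in the quick example.
    chain count_ssh {
        counter
    }

    # Base chain: the type/hook/priority line registers it with
    # netfilter's input hook, so it sees real inbound traffic.
    chain input {
        type filter hook input priority 0; policy drop;

        # Replies to connections this host already accepted or opened
        ct state established,related accept
        ct state invalid drop

        # Loopback traffic
        iifname "lo" accept

        # ICMP and ICMPv6 (needed for path MTU and IPv6 neighbour discovery)
        meta l4proto { icmp, ipv6-icmp } accept

        # Assumed service: SSH on port 22. Count, then accept.
        tcp dport 22 jump count_ssh
        tcp dport 22 accept

        # Everything else falls through to "policy drop" above.
    }
}
```

Because the base chain's policy is drop, confirm the accepted port matches how you reach the host before loading it over a remote session; `nft list ruleset` then shows the counter in count_ssh incrementing.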
Since this snap is fully confined, configuration files must be placed
The packages for RHEL 8 and RHEL 7 are in each distribution’s respective Extra Packages for Enterprise Linux (EPEL) repository. The instructions for adding this repository diverge slightly between RHEL 8 and RHEL 7, which is why they’re listed separately below.
The EPEL repository can be added to RHEL 8 with the following command: