Create ruleset

File `nftables.conf`

table inet mytable {
    set block_network {
        type ipv4_addr
        timeout 1h
        flags interval
    }
    set block_network6 {
        type ipv6_addr
        timeout 1h
        flags interval
    }

    chain input {
        type filter hook input priority 0;
        ip saddr @block_network drop
        ip6 saddr @block_network6 drop
    }
}

Load ruleset

nft -f nftables.conf

List ruleset

nft list ruleset

Add element

nft add element ip my_filter block_network { 192.0.2.0/24; }
nft add element ip6 my_filter block_network6 { 2001:db8::/32; }

Delete element

nft delete element ip my_filter block_network { 192.0.2.0/24; }
nft delete element ip6 my_filter block_network6 { 2001:db8::/32; }

Flush set

nft flush ip my_filter block_network
nft flush ip6 my_filter block_network6

Backup

nft list ruleset > nftables.conf

Restore

nft restore < nftables.conf

Delete

Table

nft delete table inet mytable

Set

nft delete set ip my_filter block_network
nft delete set ip6 my_filter block_network6

Rule

nft delete rule ip my_filter INPUT ip saddr @block_network drop
nft delete rule ip6 my_filter INPUT ip6 saddr @block_network6 drop

Create ruleset#

File nftables.conf#

Load ruleset#

List ruleset#

Add element#

Delete element#

Flush set#

Backup#

Restore#

Delete#

Table#

Set#

Rule#

Create ruleset

File `nftables.conf`

Load ruleset

List ruleset

Add element

Delete element

Flush set

Backup

Restore

Delete

Table

Set

Rule