nftables is part of the netfilter sub-system inside the Linux kernel. It essential for the implementation of Linux based firewalls, routers or any other kind of gateways that require control over incoming network packets. It is the successor of the iptables subsystem, but also provides the functionality of ip6tables, arptables, and ebtables under the same hood.
By this, the configuration of networking filter rules has been significantly simplified, as the tasks of four different tools are now focused in one software component with a consistent syntax.
Setting up the nftables Sub-System
Enabling nftables for an ELinOS system is a straight forward task. First, setup an embedded Linux instance with network support. If you haven’t done so before, please take a look at the following article that guides you through the according steps: Read more
While following those instructions, it is crucial to set the checkbox for the “Networking” feature set in step 5.
The above guide will also make you familiar with the tool “Feature Configurator”. It allows to enable functionality on a very high level. We will now start the “Feature Configurator” by double clicking on the corresponding item in the top-level folder of your ELinOS system project. Once the Feature Configurator has come up, you’ll find a tree structure of all available features. Now, please navigate to “Network packet filtering” and enable it by selecting the corresponding checkmark. Expand the sub-tree and make sure that nftables is selected.
More information at www.sysgo.com/elinos
Twitter
LinkedIn
Facebook
Pocket
RSS
