The nftables package provides user-space tools to control the Linux nftables subsystem.

A service that loads the rules from /etc/nftables.d can be enabled with:

rc-update add nftables boot
rc-service nftables start

The default rules shipped will block all incoming connections.

See also

• nftables - ArchWiki
• nftables project homepage
• Uncomplicated Firewall: Firewall program with higher level abstractions.