nftables is a project providing packet filtering and packet classification on Linux, and it is intended to replace the existing iptables, ip6tables, arptables and ebtables frameworks. nftables is a combination of a Linux kernel engine and a userspace utility. It utilizes the building blocks of the Netfilter infrastructure, such as the existing hooks, connection tracking system, userspace queueing component, and logging subsystem.
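
The Netfilter building blocks named above, as they appear in a minimal host ruleset. This is an added example, not taken from the nftables project; the table and chain names, the ports and the queue number are assumptions chosen for illustration.

```nftables
#!/usr/sbin/nft -f
# Constructed example: names, ports and queue number are assumptions.

table inet example_filter {
    chain input {
        # Hook: attach this chain to the Netfilter "input" hook.
        # Default policy is drop, so anything not accepted below is discarded.
        type filter hook input priority 0; policy drop;

        # Connection tracking: accept replies to traffic already seen,
        # discard packets conntrack cannot associate with a valid flow.
        ct state established,related accept
        ct state invalid drop

        # Loopback traffic is always allowed.
        iif "lo" accept

        # ICMP and ICMPv6 (the latter is needed for IPv6 neighbour discovery).
        meta l4proto { icmp, ipv6-icmp } accept

        # New inbound SSH connections.
        tcp dport 22 ct state new accept

        # Userspace queueing: hand new connections to port 8080 to a
        # userspace program listening on queue 0. "bypass" lets the packet
        # continue instead of being dropped when no program is attached.
        tcp dport 8080 ct state new queue num 0 bypass

        # Logging: record what is about to hit the drop policy,
        # rate-limited so a flood cannot fill the kernel log.
        limit rate 5/minute log prefix "nft-input-drop: " level info
    }
}
```

Load the file with `nft -f` and confirm the result with `nft list ruleset`.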