Bridge filtering

From nftables wiki

Limitation

There is currently no connection tracking available for bridge filtering.

Examples

Filter on TCP destination port:

nft add rule bridge filter forward ether type ip tcp dport 22 accept

Accept ARP packets:

nft add rule bridge filter forward ether type arp accept
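
The rules above assume that a filter table with a forward chain already exists in the bridge family. The following is an added example, not taken from the wiki page: a complete ruleset file that creates both and, because connection tracking is not available, matches the SSH return direction with an explicit stateless rule. The drop policy, the priority value and the return-traffic rule are assumptions chosen for illustration.

```nftables
# Added example: stateless bridge ruleset (assumed layout, not from the wiki page).
table bridge filter {
    chain forward {
        # Attach to the bridge forward hook; frames that match no rule are dropped
        # (policy drop is an assumption, the default policy is accept).
        type filter hook forward priority 0; policy drop;

        # ARP must be allowed or hosts on either side cannot resolve each other.
        ether type arp accept

        # Client-to-server direction, as in the wiki example.
        ether type ip tcp dport 22 accept

        # Server-to-client direction. "ct state established" cannot be used
        # because of the limitation stated above, so replies are matched by
        # source port. This accepts ANY forwarded TCP segment with source
        # port 22, which is broader than "replies to an accepted connection".
        ether type ip tcp sport 22 accept
    }
}
```

Load the file with nft -f and inspect the result with nft list table bridge filter.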