Configuring tables: Difference between revisions
Jeff.welling (talk | contribs) m (Mention the gotcha re flushing tables doesn't flush sets within that table) |
Jeff.welling (talk | contribs) m (Note about flush ruleset vs flush table) |
||
Line 36: | Line 36: | ||
This removes the rules ''for every chain'' that you register in that table. | This removes the rules ''for every chain'' that you register in that table. | ||
'''Note:''' ''nft flush table ip filter'' will not flush '''Sets''' defined within that table, to | '''Note:''' ''nft flush table ip filter'' will not flush '''Sets''' defined within that table, and will cause an error if the table to be flushed does not exist and you're using Linux <4.9.0, which you can overcome by flushing the ruleset. | ||
==== Flush Ruleset ==== | |||
Flush your whole configuration, tables sets and all: | |||
<source lang="bash"> | |||
% nft flush ruleset | |||
</source> |
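Review bot: The rewritten note in the Line 36 hunk packs two unrelated caveats into one sentence: sets surviving ''nft flush table ip filter'', and the error raised for a missing table on Linux <4.9.0. Split it into two sentences, and state next to the suggested workaround that ''nft flush ruleset'' clears the whole configuration rather than only the named table, since the new Flush Ruleset section says exactly that. In that new section, "tables sets and all" needs a comma after "tables".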
Revision as of 07:53, 27 January 2018
Adding tables
% nft add table ip filter
Show/List tables
% nft list tables
Deleting tables
% nft delete table ip foo
Troubleshooting: Since Linux kernel 3.18, you can delete a table and its contents with this command. Before that version, you need to delete the table's contents first; otherwise you hit an error that looks like this:
% nft delete table filter
<cmdline>:1:1-19: Error: Could not delete table: Device or resource busy
delete table filter
^^^^^^^^^^^^^^^^^^^
Flushing tables
You can delete all the rules that belong to this table with the following command:
% nft flush table ip filter
This removes the rules for every chain that you register in that table.
Note: nft flush table ip filter will not flush Sets defined within that table. It will also cause an error if the table to be flushed does not exist and you're using Linux <4.9.0; you can overcome this by flushing the ruleset.
Flush Ruleset
Flush your whole configuration, tables, sets and all:
% nft flush ruleset
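The kernel-version caveats above, combined into a shell helper that prints which nft commands are safe to run for a given kernel and table. This is an added example, not code from the wiki: the function names, the assumed one-table-per-line format of the nft list tables output, and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: plan nft commands around the kernel caveats described above.
# Function names and the sample listing are illustrative, not from the wiki.

# ver_num RELEASE: "4.4.0-116-generic" -> 4004000 (comparable integer)
ver_num() {
    v=${1%%[!0-9.]*}
    IFS=. read -r maj min pat <<EOF
$v
EOF
    echo $(( ${maj:-0} * 1000000 + ${min:-0} * 1000 + ${pat:-0} ))
}

# table_listed LISTING FAMILY TABLE: is the table in `nft list tables` output?
# Assumes one "table <family> <name>" entry per line.
table_listed() {
    printf '%s\n' "$1" | grep -qx "table $2 $3"
}

# reset_plan KERNEL LISTING FAMILY TABLE MODE
#   MODE rules: drop rules only (sets survive a table flush)
#   MODE all:   drop rules, chains and sets by deleting and re-adding the table
reset_plan() {
    k=$(ver_num "$1"); fam=$3; tbl=$4
    if table_listed "$2" "$fam" "$tbl"; then present=yes; else present=no; fi
    case $5 in
    rules)
        if [ "$present" = no ] && [ "$k" -lt "$(ver_num 4.9.0)" ]; then
            echo "# skip: flushing a missing table errors before Linux 4.9.0"
        else
            echo "flush table $fam $tbl"
        fi ;;
    all)
        if [ "$present" = no ]; then
            echo "add table $fam $tbl"
        elif [ "$k" -lt "$(ver_num 3.18)" ]; then
            echo "cannot delete a non-empty table before Linux 3.18" >&2
            return 1
        else
            echo "delete table $fam $tbl"
            echo "add table $fam $tbl"
        fi ;;
    *) echo "unknown mode: $5" >&2; return 2 ;;
    esac
}

# Constructed sample of `nft list tables` output
SAMPLE_TABLES='table ip filter
table ip6 mangle'
```

In "all" mode the chains are removed along with the sets, so they have to be added again after the table is recreated.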