nftables does not read its conf file

  • Hello,

    I am trying to use nftables as my default firewall on omv, but someone (?) has written something somewhere that prevents nftables from reading its configuration file (/etc/nftables.conf).

    Whatever I write in this configuration file, nft list ruleset -a returns:

    table inet filter { # handle 40
        chain input { # handle 1
            type filter hook input priority 0; policy accept;
        }

        chain forward { # handle 2
            type filter hook forward priority 0; policy accept;
        }

        chain output { # handle 3
            type filter hook output priority 0; policy accept;
        }
    }

    Thank you.


  • Hello,

    Nobody answered, so here is what I did to use nftables.

    1- I deleted iptables alternatives:

    update-alternatives --remove iptables /usr/sbin/iptables-legacy

    update-alternatives --remove iptables /usr/sbin/iptables-nft

    Same for ip6tables:

    update-alternatives --remove ip6tables /usr/sbin/ip6tables-legacy

    update-alternatives --remove ip6tables /usr/sbin/ip6tables-nft

    2- I removed x-permissions from script


    chmod u-x,g-x,a-x /etc/iptables/

    3- I deleted all lines between <iptables> and </iptables> in xml config file /etc/openmediavault/config.xml

    4- I removed all kernel modules concerning iptables with rmmod

    And, at last, I could configure nftables.... and get it working.

    Next time I will remove iptables packages...

    That's all.
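A way to check for the symptom from the first post, as an added example that is not part of either post: it reads `nft list ruleset` text and reports every base chain that has policy accept and no rules, which is what the ruleset looks like when /etc/nftables.conf was not applied. The function and sample names are hypothetical, both rulesets are constructed samples, and it assumes nft prints each rule on a single line.

```shell
# Added example. Reads `nft list ruleset` text on stdin and prints
# "family table chain hook" for each base chain with policy accept and no rules.
open_base_chains() {
    awk '
        $1 == "table" { family = $2; table = $3; next }
        $1 == "chain" { chain = $2; in_chain = 1; hook = ""; policy = ""; rules = 0; next }
        in_chain && $1 == "type" {            # "type filter hook input priority 0; policy accept;"
            for (i = 2; i < NF; i++) {
                if ($i == "hook") hook = $(i + 1)
                if ($i == "policy") { policy = $(i + 1); sub(/;$/, "", policy) }
            }
            next
        }
        in_chain && $1 == "}" && NF == 1 {    # end of chain: report it if it filters nothing
            if (hook != "" && policy == "accept" && rules == 0) print family, table, chain, hook
            in_chain = 0; next
        }
        in_chain && NF > 0 && $1 != "comment" { rules++ }   # any other line is a rule
    '
}
# Constructed sample: the ruleset from the first post, closing braces restored.
sample_empty() { cat <<'EOF'
table inet filter { # handle 40
    chain input { # handle 1
        type filter hook input priority 0; policy accept;
    }
    chain forward { # handle 2
        type filter hook forward priority 0; policy accept;
    }
    chain output { # handle 3
        type filter hook output priority 0; policy accept;
    }
}
EOF
}
# Constructed sample: a ruleset in which a configuration file was actually applied.
sample_loaded() { cat <<'EOF'
table inet filter { # handle 41
    chain input { # handle 1
        type filter hook input priority 0; policy drop;
        tcp dport 22 accept # handle 5
    }
    chain output { # handle 2
        type filter hook output priority 0; policy accept;
    }
}
EOF
}
sample_empty | open_base_chains
```

On a live host the same function can be fed with `nft list ruleset | open_base_chains`; an input or forward chain in its output means nothing is being filtered on that hook.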


  • Good to read, please flag the post as "resolved" via "edit thread" at top.

    Maybe applying Netiquette would have resulted in responses :)

    omv 5.6.5-1 (usul) on RPi4/4GB with Kernel 5.10.x and WittyPi 3 V2 RTC HAT

    2x 6TB HDD formatted with ext4 in Icy Box IB-RD3662-C31 / hardware supported RAID1

    For Read/Write performance of SMB shares hosted on this hardware see forum here
