Netfilter

Netfilter
Netfilter
Initial release	26 August 1999 (Linux 2.3.15)
Stable release	6.15.3 / 19 June 2025
Written in	C
Operating system	Linux
Type	Linux kernel module; Packet filter/firewall;
License	GNU GPL
Website	netfilter.org

Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Netfilter offers various functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and prohibiting packets from reaching sensitive locations within a network.

Netfilter represents a set of hooks inside the Linux kernel, allowing specific kernel modules to register callback functions with the kernel's networking stack. Those functions, usually applied to the traffic in the form of filtering and modification rules, are called for every packet that traverses the respective hook within the networking stack.^[2]

^ Greg Kroah-Hartman (19 June 2025). "Linux 6.15.3". Retrieved 19 June 2025.
^ "netfilter/iptables project homepage - The netfilter.org project". netfilter.org. Retrieved 2014-07-04.

[wikidata-104b7f0e778b827b6de5c7bc3597db5e82b3ff17-v18-1] Greg Kroah-Hartman (19 June 2025). "Linux 6.15.3". Retrieved 19 June 2025.

[2] "netfilter/iptables project homepage - The netfilter.org project". netfilter.org. Retrieved 2014-07-04.

[1]

[2]

Netfilter
Initial release	26 August 1999; 25 years ago (1999-08-26) (Linux 2.3.15)

Stable release	6.15.3^[1] / 19 June 2025; 9 days ago (19 June 2025)

Written in	C
Operating system	Linux
Type	Linux kernel module Packet filter/firewall
License	GNU GPL
Website	netfilter.org