The nftables replaces the popular {ip,ip6,arp,eb}tables. This software provides a new in-kernel packet classification framework that is based on a network-specific for Linux operating system. nftables is going to be a default in Debian Linux 9 and is part of the Linux kernel since version 3.13. This quick post explains how to install and use it on Debian Linux system.
From the blog post:
Debian Stretch stable includes the nftables framework, ready to use. Created by the Netfilter project itself, nftables is the firewalling tool that replaces the old iptables, giving the users a powerful tool. Yes, nftables replaces iptables. You are highly encouraged to migrate from iptables to nftables.
- Read more:New in Debian stable Stretch: nftables