Firewall
Beckhoff RT Linux® uses nftables as its firewall. nftables is a framework of the Netfilter project that enables packet filtering, network address translation (NAT) and other applications. It is the default and recommended firewall framework in Debian and replaces the old iptables and related tools. The firewall is restrictive by default with regard to incoming and forwarded connections. Necessary connections such as local loopback communication, SSH (port 22), ICMP and ICMPv6 are permitted. All outgoing connections are permitted.
The current status and the rules of nftables are displayed with the following command:
sudo nft list ruleset
This command provides a complete overview of the currently configured firewall rules. The configuration files for nftables are located in the /etc/nftables.conf.d directory and contain an initial basic configuration for the system.
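The following shell function is an added example, not part of the Beckhoff documentation: it reads the text printed by the command above and reports every deviation from the default behaviour described on this page (incoming and forwarded traffic restricted, outgoing permitted, SSH on port 22 as the only opened port). It assumes the restriction is expressed as a base-chain policy of drop; the function names, the table and chain names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `nft list ruleset` text against the documented baseline.
# Assumption: default-deny is expressed as base-chain policies (policy drop).

audit_ruleset() {   # reads ruleset text on stdin, prints one REVIEW line per deviation
    awk '
    /type filter hook/ {            # base-chain header carries hook and policy
        hook = ""; policy = ""
        for (i = 1; i < NF; i++) {
            if ($i == "hook")   hook = $(i + 1)
            if ($i == "policy") { policy = $(i + 1); sub(/;/, "", policy) }
        }
        seen[hook] = policy
        next
    }
    /^[ \t]*[}]/ { hook = "" }      # end of chain or table
    # Inbound port rules other than SSH (22) are not part of the baseline
    hook == "input" && /dport/ && /accept/ && !/tcp dport 22 / {
        sub(/^[ \t]+/, ""); print "REVIEW extra inbound rule: " $0
    }
    END {
        want["input"] = "drop"; want["forward"] = "drop"; want["output"] = "accept"
        for (h in want) if (seen[h] != want[h])
            print "REVIEW " h " policy is \"" seen[h] "\", baseline expects " want[h]
    }'
}

sample_drifted() {   # constructed sample, not output from a real device
    cat <<'EOF'
table inet filter {
    chain input {
        type filter hook input priority filter; policy drop;
        iif "lo" accept
        ct state established,related accept
        tcp dport 22 accept
        tcp dport 8080 accept
        meta l4proto { icmp, ipv6-icmp } accept
    }
    chain forward {
        type filter hook forward priority filter; policy accept;
    }
    chain output {
        type filter hook output priority filter; policy accept;
    }
}
EOF
}

sample_drifted | audit_ruleset
```

On a device, pipe the live ruleset into the function with sudo nft list ruleset | audit_ruleset. A ruleset that enforces the restriction with a final drop or reject rule instead of a chain policy is reported for manual review rather than passed.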