Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Ubuntu 16.04
System Settings
Network Configuration and Firewalls
nftables
Nftables Base Chain Policies
Nftables Base Chain Policies
An XCCDF Value
Details
Profiles
Prose
Nftables Base Chain Policies
This is the default verdict that will be applied to packets reaching the end of the chain (i.e, no more rules to be evaluated against). Currently there are 2 policies:
accept
this verdict means that the packet will keep traversing the network stack.
drop
this verdict means that the packet is discarded if the packet reaches the end of the base chain.