This document provides an overview of iptables and nftables. Iptables is a user-space tool that controls netfilter, the Linux kernel module for network packet filtering and network address translation (NAT). It operates on tables, chains, and rules to filter packets. Nftables is the newer replacement for iptables that offers a more concise syntax without default tables or chains. It is based on network families and uses expressions, statements, and sets to filter packets as they pass through hooks and chains.
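As an added illustration of the model described above (not part of the original document), the following constructed nftables ruleset declares its own family, table, named set and hooked chains, with the equivalent iptables commands shown in comments; the port set, rate limit and log prefix are example values.

```nftables
#!/usr/sbin/nft -f
# Constructed example: a minimal stateful host firewall.
# Family "inet" covers IPv4 and IPv6 in one table; unlike iptables,
# nothing exists until it is declared here.

flush ruleset

table inet filter {
    # Named set of permitted TCP service ports. Membership can be changed
    # at runtime (nft add element ...) without rewriting the rule using it.
    set tcp_services {
        type inet_service
        elements = { 22, 80, 443 }
    }

    # Base chain attached to the netfilter "input" hook. A chain without
    # "hook" is only reachable via jump/goto. Default policy: drop.
    chain input {
        type filter hook input priority 0; policy drop;

        # iptables -A INPUT -i lo -j ACCEPT
        iifname "lo" accept

        # iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
        ct state established,related accept
        # iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
        ct state invalid drop

        # iptables needs one "-A INPUT -p tcp --dport N -j ACCEPT" per port
        # (or the multiport match); nftables consults the set in one rule.
        tcp dport @tcp_services ct state new accept

        # Rate-limited echo requests so the host stays diagnosable.
        icmp type echo-request limit rate 5/second accept
        icmpv6 type echo-request limit rate 5/second accept

        # Count and log what is about to be dropped; the counter helps audits.
        counter log prefix "nft-input-drop: " drop
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```

Load it with `nft -f` as root and inspect the result with `nft list ruleset`; the iptables comments are the one-to-one counterparts, not additional rules.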