How can I switch back to iptables from nftables after upgrading to Ubuntu?

ConfigServer Security & Firewall (csf) currently only supports using iptables so when upgrading to Ubuntu 20.04 LTS or Ubuntu 22.04 LTS which uses nftables by default you must switch back to iptables.

1. To switch back to iptables:

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
update-alternatives --set arptables /usr/sbin/arptables-legacy
update-alternatives --set ebtables /usr/sbin/ebtables-legacy

2. Re-link the symbolic links if they do not exist:

ln -s /etc/alternatives/iptables /sbin/iptables
ln -s /etc/alternatives/iptables-save /sbin/iptables-save
ln -s /etc/alternatives/iptables-restore /sbin/iptables-restore
ln -s /etc/alternatives/ip6tables /sbin/ip6tables
ln -s /etc/alternatives/ip6tables-save /sbin/ip6tables-save
ln -s /etc/alternatives/ip6tables-restore /sbin/ip6tables-restore

3. Go to the Juggernaut Firewall -> Settings -> Binary Settings and press the default button at the bottom of the page to apply the correct paths to the iptables binaries. 

Now everything should be switched over to iptables and CSF should function correctly.


  • nftables, ubuntu 20
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How can I raise the open file limit for the login failure daemon?

The login failure daemon can crash if you are monitoring a lot of domains in Plesk and are...

How can I test to make sure that the OS has all the required kernel modules required for Juggernaut Firewall?

Test from the Juggernaut Extension You can run the firewall test by going to Juggernaut Firewall...

How can I only allow SSH from my IP address and block it on the firewall for everyone else?

First make sure that your IP address is whitelisted on the firewall so you do not accidentally...

How can I adjust the attack triggers used by the login failure daemon?

To Adjust Login Failure Triggers Navigate to Juggernaut Firewall -> Settings -> Login...

Where are the configuration files for Juggernaut Firewall located?

Configuration files are located in the /etc/csf/ directory with the main firewall configuration...