{"description": "The rules in nftables are attached to chains. Unlike in iptables, \nthere are no predefined chains like INPUT, OUTPUT, etc. Instead, \nto filter packets at a particular processing step, a base chain with a \nchosen name should be created, and attached it to the appropriate \nNetfilter hook. \n ", "type": "string", "operator": "equals", "interactive": true, "options": {"default": "input,forward,output", "input": "input", "output": "output", "forward": "forward", "chain_names": "input,forward,output"}, "warnings": [], "title": "Nftables Chain Names", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-nftables/var_nftables_base_chain_names.var"}