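#!/bin/bash
# Rebuild the IPv4 filter table from scratch (run as root).
nft flush ruleset
nft add table ip filter
# Base chains: inbound traffic is dropped unless a rule below accepts it.
nft add chain ip filter INPUT { type filter hook input priority 0 \; policy drop \; }
nft add chain ip filter FORWARD { type filter hook forward priority 0 \; policy accept \; }
nft add chain ip filter OUTPUT { type filter hook output priority 0 \; policy accept \; }
#--------------------- Type filter INPUT chain (for IPv4) ---------------------
# Loopback traffic.
nft add rule ip filter INPUT iifname "lo" counter accept
# Replies to connections this host opened; without this rule, policy drop discards them.
nft add rule ip filter INPUT ct state established,related counter accept
# HTTP and HTTPS arriving on ens33.
nft add rule ip filter INPUT iifname "ens33" tcp dport { 80, 443 } counter accept
# DNS queries over UDP on any interface.
nft add rule ip filter INPUT udp dport 53 counter accept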