files: restore base table skeletons

nftables releases until 0.8.2 included base skeleton hooks
that were installed into /etc/nftables (sysconfdir).

With 0.8.3 and newer these files were moved to the documentation
area but apparently some users expect them to be there.

Resurrect them.

Signed-off-by: Florian Westphal <fw@strlen.de>

1 files changed, 36 insertions, 0 deletions

diff --git a/files/nftables/all-in-one.nft b/files/nftables/all-in-one.nft
new file mode 100755
index 00000000..4ccc0432
--- /dev/null
+++ b/files/nftables/all-in-one.nft
@@ -0,0 +1,36 @@
+#!@sbindir@nft -f
+
+# Here is an example of different families, hooks and priorities in the
+# nftables framework, all mixed together.
+#
+# more examples are located in files/examples in nftables source.
+# For up-to-date information please visit https://wiki.nftables.org
+#
+# This script is mean to be loaded with `nft -f <file>`
+
+# clear all prior state
+flush ruleset
+
+# native dual stack IPv4 & IPv6 family
+include "./inet-filter.nft"
+
+# netdev family at ingress hook. Attached to a given NIC
+include "./netdev-ingress.nft"
+
+# IPv4 family, typical iptables tables/chains layout
+include "./ipv4-filter.nft"
+include "./ipv4-mangle.nft"
+include "./ipv4-nat.nft"
+include "./ipv4-raw.nft"
+
+# IPv6 family, typical ip6tables tables/chains layout
+include "./ipv6-filter.nft"
+include "./ipv6-mangle.nft"
+include "./ipv6-nat.nft"
+include "./ipv6-raw.nft"
+
+# ARP family, typical arptables tables/chain layout
+include "./arp-filter.nft"
+
+# bridge family, typical ebtables tables/chain layout
+include "./bridge-filter.nft"