{
  "nftables": [
    {
      "metainfo": {
        "version": "VERSION",
        "release_name": "RELEASE_NAME",
        "json_schema_version": 1
      }
    },
    {
      "table": {
        "family": "inet",
        "name": "filter",
        "handle": 0
      }
    },
    {
      "chain": {
        "family": "inet",
        "table": "filter",
        "name": "input2",
        "handle": 0,
        "type": "filter",
        "hook": "input",
        "prio": 0,
        "policy": "accept"
      }
    },
    {
      "chain": {
        "family": "inet",
        "table": "filter",
        "name": "output2",
        "handle": 0,
        "type": "filter",
        "hook": "output",
        "prio": 0,
        "policy": "accept"
      }
    },
    {
      "rule": {
        "family": "inet",
        "table": "filter",
        "chain": "input2",
        "handle": 0,
        "expr": [
          {
            "match": {
              "op": "==",
              "left": {
                "payload": {
                  "protocol": "ip",
                  "field": "saddr"
                }
              },
              "right": "1.2.3.4"
            }
          },
          {
            "match": {
              "op": "==",
              "left": {
                "payload": {
                  "protocol": "tcp",
                  "field": "dport"
                }
              },
              "right": {
                "set": [
                  22,
                  123,
                  443
                ]
              }
            }
          },
          {
            "drop": null
          }
        ]
      }
    },
    {
      "rule": {
        "family": "inet",
        "table": "filter",
        "chain": "output2",
        "handle": 0,
        "expr": [
          {
            "match": {
              "op": "==",
              "left": {
                "payload": {
                  "protocol": "ip",
                  "field": "daddr"
                }
              },
              "right": "1.2.3.4"
            }
          },
          {
            "match": {
              "op": "==",
              "left": {
                "payload": {
                  "protocol": "tcp",
                  "field": "dport"
                }
              },
              "right": {
                "set": [
                  22,
                  123,
                  443
                ]
              }
            }
          },
          {
            "drop": null
          }
        ]
      }
    }
  ]
}