1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
#!/bin/bash set -e EXPECTED="table inet filter { chain ssh_input { } chain wan_input { tcp dport vmap { 22 : jump ssh_input } } chain prerouting { type filter hook prerouting priority -300; policy accept; iif vmap { "lo" : jump wan_input } } }" $NFT -f - <<< "$EXPECTED"