#!/bin/bash

set -e

$NFT add table t
$NFT add chain t prerouting {type filter hook prerouting priority 0 \; }

# wrong hook prerouting, only input/forward/output is valid
$NFT add rule t prerouting reject 2>/dev/null || exit 0
echo "E: accepted reject in prerouting hook" >&2
exit 1