1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
#!/bin/bash set -e EXPECTED="define interfaces = { eth0, eth1 } table ip x { map z { type ifname : verdict elements = { \$interfaces : drop, lo : accept } } chain y { iifname vmap { lo : accept, \$interfaces : drop } } }" $NFT -f - <<< "$EXPECTED"