blob: c8d20cee7ca7c9701e7a8ef0e56cf00729213f9f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
#!/bin/bash
# NFT_TEST_REQUIRES(NFT_TEST_HAVE_pipapo)
set -e
RULESET="
flush ruleset
add table ip filter
add chain ip filter FORWARD { type filter hook forward priority 0; policy drop; }
add map ip filter forwport { type ipv4_addr . inet_proto . inet_service: verdict; flags interval; counter; }
add rule ip filter FORWARD iifname enp0s8 ip daddr . ip protocol . th dport vmap @forwport counter
add element ip filter forwport { 10.133.89.138 . tcp . 8081: accept }"
$NFT -f - <<< "$RULESET"
|