blob: 657d0aea227296c40bc2e97f3a068c48e53b4a1d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
#!/bin/bash
set -e
RULESET="table ip x {
chain x {
meta pkttype broadcast udp dport { 67, 547 } accept
meta pkttype multicast udp dport 1900 drop
}
chain y {
ip saddr 1.1.1.1 ip daddr 2.2.2.2 accept
ip saddr 4.4.4.4 ip daddr 5.5.5.5 accept
ip saddr 2.2.2.2 ip daddr 3.3.3.3 drop
}
}"
$NFT -o -f - <<< $RULESET
|