1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
#!/bin/bash set -e RULESET="table ip x { chain y { ct state invalid drop ct state established,related accept } chain z { tcp dport { 1 } accept tcp dport 2-3 drop tcp dport 4 accept } }" $NFT -o -f - <<< $RULESET