Skip to content

Instantly share code, notes, and snippets.

@cjac

cjac/gist:23f94ee5dc0a68bae33c64be409bf640

Created August 2, 2020 16:53
Show Gist options
  • Save cjac/23f94ee5dc0a68bae33c64be409bf640 to your computer and use it in GitHub Desktop.
Save cjac/23f94ee5dc0a68bae33c64be409bf640 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
root@mini:~# nft list table ip filter
table ip filter {
chain INPUT {
type filter hook input priority 0; policy accept;
}
chain FORWARD {
type filter hook forward priority 0; policy accept;
}
chain OUTPUT {
type filter hook output priority 0; policy accept;
}
}
root@tiny:~# nft list table ip filter
table ip filter {
chain INPUT {
type filter hook input priority 0; policy accept;
}
chain FORWARD {
type filter hook forward priority 0; policy accept;
}
chain OUTPUT {
type filter hook output priority 0; policy accept;
}
}
root@ogion:~# nft list table ip filter
table ip filter {
chain INPUT {
type filter hook input priority 0; policy accept;
iifname "virbr0" meta l4proto udp udp dport 53 counter packets 0 bytes 0 accept
iifname "virbr0" meta l4proto tcp tcp dport 53 counter packets 0 bytes 0 accept
iifname "virbr0" meta l4proto udp udp dport 67 counter packets 0 bytes 0 accept
iifname "virbr0" meta l4proto tcp tcp dport 67 counter packets 0 bytes 0 accept
}
chain FORWARD {
type filter hook forward priority 0; policy accept;
oifname "virbr0" ip daddr 192.168.122.0/24 ct state related,established counter packets 0 bytes 0 accept
iifname "virbr0" ip saddr 192.168.122.0/24 counter packets 0 bytes 0 accept
iifname "virbr0" oifname "virbr0" counter packets 0 bytes 0 accept
oifname "virbr0" counter packets 0 bytes 0 reject
iifname "virbr0" counter packets 0 bytes 0 reject
}
chain OUTPUT {
type filter hook output priority 0; policy accept;
oifname "virbr0" meta l4proto udp udp dport 68 counter packets 0 bytes 0 accept
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment