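#!/usr/bin/nft -f
# vim:set ts=2 sw=2 et:

# Host firewall: input and forward default to drop, output defaults to accept.
# "destroy" removes the table if present and does not fail when it is absent,
# so this file can be reloaded repeatedly; with "nft -f" the removal and the
# new definition are applied as one transaction.
destroy table inet filter

table inet filter {
  chain input {
    type filter hook input priority filter; policy drop;

    # Disabled rule, kept as the author left it. If re-enabled it would open
    # the whole TCP range 32768-40960 to any source.
    #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17"

    # Drop packets conntrack cannot classify before any accept rule sees them.
    ct state invalid counter drop
    # Replies to, and traffic related to, connections this host already tracks.
    ct state {established,related} counter accept

    # Loopback traffic.
    iif "lo" counter accept
    # In an inet table "ip protocol" only matches IPv4 packets, so the former
    # "ip protocol {icmp,icmpv6}" never matched ICMPv6 and IPv6 neighbour
    # discovery fell through to the drop policy. "meta l4proto" matches the
    # transport protocol for both families. All ICMP/ICMPv6 types are accepted.
    meta l4proto { icmp, ipv6-icmp } counter accept

    # No verdict here: count everything about to hit the drop policy and flag
    # it for tracing (visible with "nft monitor trace").
    counter meta nftrace set 1 comment "dropped"
  }

  chain forward {
    type filter hook forward priority filter; policy drop;

    # Nothing is forwarded; count and trace whatever reaches the drop policy.
    counter meta nftrace set 1 comment "dropped"
  }

  chain output {
    type filter hook output priority filter; policy accept;

    # Outbound traffic is unrestricted; this rule only counts it.
    counter comment "accepted"
  }
}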