Tree - rpms/nftables - CentOS Git server

Blob History Raw

		f1d1c0	`# Sample configuration snippet for nftables service.`
		f1d1c0	`# Meant to be included by main.nft, not for direct use.`
		f1d1c0
		f1d1c0	`# a common table for both IPv4 and IPv6`
		f1d1c0	`table inet nftables_svc {`
		f1d1c0
		f1d1c0	`# base-chain for traffic forwarded by this host`
		f1d1c0	`# re-uses 'allow' chain from main.nft`
		f1d1c0	`chain FORWARD {`
		f1d1c0	`type filter hook forward priority filter + 20`
		f1d1c0	`policy accept`
		f1d1c0
		f1d1c0	`jump allow`
		f1d1c0	`reject with icmpx type host-unreachable`
		f1d1c0	`}`
		f1d1c0	`}`