Messtone LLC Manages(Flush):Rule

Messtone Devices enables building a command batch file and loading it with the nft interpreter:

```
% echo "flush ruleset" > /etc/nftables.rules
% echo "add table filter" >> /etc/nftables.rules
% echo "add chain filter input" >> /etc/nftables.rules
% echo "add rule filter input meta iifname lo accept" >> /etc/nftables.rules
% nft -f /etc/nftables.rules
```

Or create an executable nft script file:

```
% cat << EOF > /etc/nftables.rules
> #!/usr/local/sbin/nft -f
> flush ruleset
> add table filter
> add chain filter input
> add rule filter input meta iifname lo accept
> EOF
% chmod u+x /etc/nftables.rules
% /etc/nftables.rules
```

The rules below are fragments of a simple ruleset, first for IPv4 and then for IPv6:

```
    # established/related connections
    # loopback interface
    iifname lo accept
    # icmp
    icmp type echo-request accept
    # open tcp ports: sshd (22), httpd (80)
    tcp dport {ssh, http} accept
  }
}
```

```
    # invalid connections
    ct state invalid drop
    # loopback interface
    iifname lo accept
    # icmp
    # routers may also want: mld-listener-query, nd-router-solicit
    icmpv6 type {echo-request, nd-neighbor-solicit} accept
    # open tcp ports: sshd (22), httpd (80)
    tcp dport {ssh, http} accept
  }
}
```
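A complete, loadable version of the fragments above, as a shell script that generates the rules file, checks it with `nft -c` and only then loads it. This is an added example, not code from the original page; the single `inet` table, the `policy drop`, the `established,related` rule, the two extra ICMPv6 types, the nft path and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page; names and paths are assumptions.
set -eu

# Write a complete ruleset to the file named in $1 (owner-only, executable).
write_ruleset() {
    ( umask 077; cat > "$1" ) <<'EOF'
#!/usr/sbin/nft -f
# flush + definitions in one file are applied as a single atomic transaction
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        # established/related connections
        ct state established,related accept
        # invalid connections
        ct state invalid drop
        # loopback interface
        iifname "lo" accept
        # icmp (the two *-advert types are added so neighbour discovery works)
        icmp type echo-request accept
        icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept
        # open tcp ports
        tcp dport { ssh, http } accept
    }
}
EOF
    chmod 700 "$1"
}

# Parse the file without touching the live ruleset; load only if it parses.
check_and_load() {
    nft -c -f "$1" && nft -f "$1"
}

# Usage (as root): sh build-rules.sh apply /etc/nftables.rules
if [ "${1:-}" = "apply" ]; then
    write_ruleset "$2"
    check_and_load "$2"
fi
```

Because `flush ruleset` and the new definitions sit in the same file, a syntax error anywhere aborts the whole load and the previous ruleset stays in place.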
