babel-tester/firewall/restrict-http.conf

20 lines
424 B
Plaintext
Executable File

#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0;
}
chain forward {
type filter hook forward priority 0; policy accept
ip daddr 172.17.0.0/30 tcp dport { 80 } accept;
tcp dport { 0-65535 } reject;
udp dport { 0-65535 } reject;
accept
}
chain output {
type filter hook output priority 0;
}
}