Pastein: #!/usr/sbin/nft -f flush ruleset table inet filter { chain input { type filter hook input priority 0; policy drop; ct state related, established accept iifname "l

Загрузка данных

#!/usr/sbin/nft -f

flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        ct state related, established accept
        iifname "lo" accept
        iifname "wg0" icmp type echo-request accept
        iifname "enp0s8" accept
        tcp dport 22 accept
        udp dport 51820 accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state related, established accept
        iifname "wg0" accept
        iifname "wg0" oifname "enp0s3" ct state related,established accept
        oifname "wg0" iifname "enp0s3" ct state related,established accept
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

table inet nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        oifname "enp0s3" masquerade
    }
}

Больше возможностей при регистрации: