-rwxr-xr-x | projectroot/etc/nftables.conf | 15 | ||||
-rw-r--r-- | rules/nftables.make | 1 |
2 files changed, 16 insertions, 0 deletions
diff --git a/projectroot/etc/nftables.conf b/projectroot/etc/nftables.conf
new file mode 100755
index 000000000..2c09327d7
--- /dev/null
+++ b/projectroot/etc/nftables.conf
@@ -0,0 +1,15 @@
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table filter {
+ chain input {
+ type filter hook input priority 0;
+ }
+ chain forward {
+ type filter hook forward priority 0;
+ }
+ chain output {
+ type filter hook output priority 0;
+ }
+}
diff --git a/rules/nftables.make b/rules/nftables.make
index 74828a2e9..7645784dd 100644
--- a/rules/nftables.make
+++ b/rules/nftables.make
@@ -56,6 +56,7 @@ $(STATEDIR)/nftables.targetinstall:
 @$(call install_fixup, nftables,DESCRIPTION,missing)
 @$(call install_copy, nftables, 0, 0, 0755, -, /usr/sbin/nft)
+ @$(call install_alternative, nftables, 0, 0, 0755, /etc/nftables.conf)
 @$(call install_finish, nftables)
|
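Review bot: `table filter {` names no address family, so nft creates the table in the `ip` family and the three base chains only ever see IPv4; rules a user later adds to this skeleton would leave IPv6 traffic unfiltered, and `table inet filter {` would cover both. The chains also declare no policy, which nft treats as accept, so the file as installed filters nothing after its `flush ruleset`. I would make that explicit with `type filter hook input priority 0; policy accept;` on each chain and a header comment such as `# Permissive skeleton: all traffic is accepted until rules are added.`, so nobody mistakes the presence of the file for an active firewall policy.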
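Review bot: The added `install_alternative` line installs /etc/nftables.conf with mode 0755, which is unusual for a file under /etc and is explained only by the `#!/usr/sbin/nft -f` line inside the config; a make comment above it such as `# 0755: the config is an nft script and is run directly to load the ruleset` would record the reason. Nothing visible in this hunk installs a unit or init script that loads the file at boot, so unless that happens elsewhere the target would start with no ruleset applied. The targetinstall recipe starts and ends outside the hunk, so this may already be handled there.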