- $IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT
- $IPTABLES -A INPUT -p udp --sport 53 --dport 1024: -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 113 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 123 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 123 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 137:139 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 137:139 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 443 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 445 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 1194 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 9418 -j ACCEPT
+ nft add rule ip filter input tcp dport 22 accept
+ nft add rule ip filter input tcp dport 25 accept
+ nft add rule ip filter input tcp dport 53 accept
+ nft add rule ip filter input udp dport 53 accept
+ nft add rule ip filter input udp sport 53 udp dport 1024-65535 accept
+ nft add rule ip filter input tcp dport 80 accept
+ nft add rule ip filter input tcp dport 113 accept
+ nft add rule ip filter input tcp dport 123 accept
+ nft add rule ip filter input udp dport 123 accept
+ nft add rule ip filter input tcp dport 137-139 accept
+ nft add rule ip filter input udp dport 137-139 accept
+ nft add rule ip filter input tcp dport 443 accept
+ nft add rule ip filter input tcp dport 445 accept
+ nft add rule ip filter input udp dport 1194 accept
+ nft add rule ip filter input tcp dport 9418 accept