- $IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT
- $IPTABLES -A INPUT -p udp --sport 53 --dport 1024: -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 113 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 123 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 123 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 137:139 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 137:139 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 443 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 445 -j ACCEPT
- $IPTABLES -A INPUT -p udp --dport 1194 -j ACCEPT
- $IPTABLES -A INPUT -p tcp --dport 9418 -j ACCEPT
+ nft add rule ip filter input dport 22 proto tcp counter accept
+ nft add rule ip filter input dport 25 proto tcp counter accept
+ nft add rule ip filter input dport 53 proto tcp counter accept
+ nft add rule ip filter input dport 53 proto udp counter accept
+ nft add rule ip filter input sport 53 dport 1024- proto udp counter accept
+ nft add rule ip filter input dport 80 proto tcp counter accept
+ nft add rule ip filter input dport 113 proto tcp counter accept
+ nft add rule ip filter input dport 123 proto tcp counter accept
+ nft add rule ip filter input dport 123 proto udp counter accept
+ nft add rule ip filter input dport 137-139 proto tcp counter accept
+ nft add rule ip filter input dport 137-139 proto udp counter accept
+ nft add rule ip filter input dport 443 proto tcp counter accept
+ nft add rule ip filter input dport 445 proto tcp counter accept
+ nft add rule ip filter input dport 1194 proto udp counter accept
+ nft add rule ip filter input dport 9418 proto tcp counter accept