initial version (alpha)

This commit is contained in:
Danny Morabito 2025-10-12 13:10:59 -05:00
commit b5de726919
Signed by: dannym
GPG key ID: 7CC8056A5A04557E
58 changed files with 1237 additions and 0 deletions

View file

@ -0,0 +1,32 @@
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority filter; policy drop;
# Allow established/related
ct state established,related accept
# Allow loopback
iface lo accept
# Allow SSH
tcp dport 22 accept
# Allow ping
icmp type echo-request accept
icmpv6 type echo-request accept
# Drop everything else
}
chain forward {
type filter hook forward priority filter; policy drop;
}
chain output {
type filter hook output priority filter; policy accept;
}
}