I am trying to create an nftables config file to add by default to my generated router images. Maybe there are some more experienced users here who can give some comments…
I have extracted some common parts from my current firewall; currently it is split into IPv4 and IPv6… I know it can be combined into inet, but there all statements have to be compatible with both.
I left the distribution default commented out at the top, so that users can enable it for testing.
nftables.conf (4,8 KB)
I’m also unsure whether flow-offload has to be activated at the top or the bottom of the forward chain (before the rejected jump, of course).