#!/usr/sbin/nft -f
{#
SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
SPDX-License-Identifier: Apache-2.0
#}
# Start from an empty ruleset: every existing table, chain and rule is removed,
# including any that other tools on the host added, before the tables below are
# created. nft applies a file given with -f as one transaction, so the old
# rules stay in effect if this file fails to load.
flush ruleset
# Primary rules
# Dual-stack (inet = IPv4 and IPv6) filter table with one base chain per hook.
# NOTE(review): none of the chains sets a policy, so nftables uses its default
# of accept, and none contains a rule. As written this table filters nothing:
# all inbound, forwarded and outbound traffic is allowed. Confirm that this is
# intended and that filtering is enforced elsewhere.
table inet filter {
# Packets addressed to this host.
chain input {
type filter hook input priority 0;
}
# Packets routed through this host; this includes the traffic that the nat
# table below masquerades.
chain forward {
type filter hook forward priority 0;
}
# Packets generated by this host.
chain output {
type filter hook output priority 0;
}
}
# NAT
# IPv4-only NAT table (family ip); no IPv6 NAT is configured in this file.
table ip nat {
# Destination-NAT hook at the conventional dstnat priority (-100). It holds no
# rules and is declared alongside postrouting.
chain prerouting {
type nat hook prerouting priority -100;
}
# Source-NAT hook at the conventional srcnat priority (100).
chain postrouting {
type nat hook postrouting priority 100;
# Masquerade everything that leaves through the interface named by the
# netprep_nat_if variable. oifname matches on the interface name, so the rule
# loads even if the interface does not exist yet.
# NOTE(review): the rule has no source-address match, and the forward chain in
# the filter table accepts everything, so any traffic this host routes out of
# that interface is NATed. Whether IP forwarding is enabled is not visible in
# this file; confirm the exposure is intended.
oifname "{{ netprep_nat_if }}" masquerade;
# Optional extra postrouting rules from netprep_nftables_nat_postrouting. The
# value is inserted verbatim (continuation lines indented by 4), so it must be
# valid nft statements and must come from a trusted source such as the
# inventory, because whatever it contains is loaded into the live ruleset.
{% if netprep_nftables_nat_postrouting %}
{{ netprep_nftables_nat_postrouting | indent(width=4) }}
{% endif %}
}
}