projects / config / nftables.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add a Makefile to make it easier to deploy the configuration
[config/nftables.git] / Makefile
1 all:
2
3 deploy-workstation:
4         if ! diff -q /etc/nftables.conf nftables-workstation.nft > /dev/null; \
5         then \
6           sudo cp nftables-workstation.nft /etc/nftables.conf; \
7           sudo etckeeper vcs commit -m "nftables.conf: import latest upstream config" -- nftables.conf; \
8         fi
9         for ipt in iptables ip6tables; \
10         do \
11           sudo $$ipt -F; \
12           sudo $$ipt -X; \
13           for chain in INPUT OUTPUT FORWARD;\
14           do \
15             sudo $$ipt -P $$chain ACCEPT; \
16           done \
17         done
18         sudo systemctl restart nftables.service
Configuration files for the nftables linux packet filtering framework