search for: whitelist_v4

...ervice elements = $s-ext-2-int } } # nft -f ruleset.nft Useful to improve ruleset maintainability, as you can split out variable and set definitions from the filtering policy itself. * Allow to use variable definitions from element commands, eg. define whitelist_v4 = { 1.1.1.1 } table inet filter { set whitelist_v4 { type ipv4_addr; } } add element inet filter whitelist_v4 $whitelist_v4 * Add support to flush set. You can use this new command to remove all existing elements in a set, eg. # nft flush set filter xyz Note that t...