shaker/pihole/update_nft.sh


#!/bin/sh
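#######################################
# Print the handle of the first rule in a table whose listing line
# contains "related,established".
# Arguments: $1 - table to list (passed to `nft -a list table`)
# Outputs:   the last field of the first matching line on stdout; with
#            `-a` nft appends "# handle N" to each rule, so this is N
# Returns:   0 when a handle was printed, 1 when nft failed or no line
#            matched
# NOTE(review): the match is table-wide, not limited to one chain. If a
# different chain's related,established rule is listed first, the handle
# returned belongs to that chain - confirm against the table layout.
#######################################
get_handle() {
  local listing my_handle
  # Capture the listing separately so an nft failure is not hidden behind
  # the exit status of awk or of `local`.
  listing=$(nft -a list table "$1") || return 1
  my_handle=$(printf '%s\n' "$listing" \
    | awk '/related,established/ { print $NF; exit }')
  [ -n "$my_handle" ] || return 1
  printf '%s\n' "$my_handle"
}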
# Drop forwarded DNS on port 53, TCP first and then UDP. `insert` places
# each rule at the head of the FORWARD chain, so these drops are evaluated
# before the chain's existing rules.
# NOTE(review): presumably this keeps clients from reaching other resolvers
# through this host - confirm against the intended policy.
for proto in tcp udp; do
  nft insert rule filter FORWARD "$proto" dport 53 drop
done
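# Anchor the DNS accept rules after the related,established rule found in
# the filter table.
handle=$(get_handle filter)

# An empty or non-numeric handle would make the `position` argument
# malformed; stop with a diagnostic instead of sending nft a broken rule.
case "$handle" in
  '' | *[!0-9]*)
    printf '%s\n' "update_nft: no related,established rule handle found in table filter" >&2
    exit 1
    ;;
esac

# Accept DNS (TCP and UDP port 53) arriving on interfaces whose name
# matches vif*.
nft add rule filter INPUT position "$handle" iifname "vif*" tcp dport 53 accept
nft add rule filter INPUT position "$handle" iifname "vif*" udp dport 53 accept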