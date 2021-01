cat /etc/sysconfig/nftables.conf table inet filter {

chain input {

type filter hook input priority 0; policy drop;

ct state established,related accept comment "Accept traffic originated from us" iif lo accept comment "Accept all loopback connections" ip protocol icmp accept comment "Accept ICMP"

ip6 nexthdr icmpv6 accept comment "Accept ICMPv6" udp dport 5353 counter accept comment "Accept mDNS/UDP (resolved)" udp dport 5060 counter accept comment "Accept SIP/UDP (Baresip)"

tcp dport { 5060, 5061 } counter accept comment "Accept SIP/TCP (Baresip)"

udp dport { 16384-16389 } counter accept comment "Accept RTP (Baresip)" tcp dport 9881 counter accept comment "Accept Torrent/TCP (Transmission)"

udp dport 9881 counter accept comment "Accept Torrent/UDP (Transmission)" counter comment "Count any other traffic"

} chain forward {

type filter hook forward priority 0; policy drop;

} chain output {

type filter hook output priority 0; policy accept;

}

} ^^^ вот это разве непонятно? по-моему проще чем что-то по менюшкам натыкивать...