The text in my previous mail ( http://permalink.gmane.org/gmane.comp.security.firewalls.netfilter.general/48565 ) about the typo in Nftables Archlinux Wiki should have read (notice the dport, twice):

https://wiki.archlinux.org/index.php/Nftables#Practical_examples

Different rules for different interfaces is:

    tcp port http accept
    tcp port https accept

but there ought to be:

    tcp dport http accept
    tcp dport https accept

And then only the example works, as I showed in my Gentoo Forums topic:

A Firewalled Internet Access to Internal Subnet
https://forums.gentoo.org/viewtopic-t-1041028.html#7897320

as Neal P. Murphy pointed out to me in private email.

Thanks, and sorry.