---

nft: true   # Overrule om geen nftables uit te rollen
nft_main_config:            "/etc/nftables.conf"

# Default policies per chain ( drop / reject / accept )
nft_policy_input:           "drop"
nft_policy_forward:         "accept"
nft_policy_output:          "accept"
# Same for nat traffic
nft_policy_prerouting:  "accept"
nft_policy_postrouting: "accept"

# Host/Port allows
nft_group_rules: []

# And per host/group additions to rules:
group_nft_input: []
group_nft_forward: []
group_nft_output: []

host_nft_input: []
host_nft_forward: []
host_nft_output: []

group_nft_postrouting: []
host_nft_postrouting: []
group_nft_prerouting: []
host_nft_prerouting: []

nft_defines: []
nft_defines_group: []