#!/usr/sbin/nft -f
# Jinja-templated nftables ruleset: a single inet "filter" table with base
# chains on the input, forward and output hooks.
#
# Template input: open_ports, a list whose items provide .interface,
# .protocol and .port. Each item renders one accept rule in the input chain.
# NOTE(review): these values are rendered verbatim into the ruleset, so they
# should come from a validated source (real interface names, presumably
# tcp/udp as protocol, numeric ports) - confirm where open_ports is populated.

# Clears the whole currently loaded ruleset (all tables), not only this table.
flush ruleset

table inet filter {
    chain input {
        # No policy was declared on this chain, so nftables applies its
        # default, accept; it is spelled out here to make that visible.
        # NOTE(review): under an accept policy the per-port accept rules
        # below restrict nothing - traffic to every other port is accepted
        # as well. If an allowlist is intended, the chain needs "policy drop"
        # together with rules for loopback, established/related connections
        # and ICMPv6 neighbour discovery, plus the management port, before
        # it is rolled out.
        type filter hook input priority filter; policy accept;

        {% for port in open_ports %}
        iifname "{{ port.interface }}" {{ port.protocol }} dport {{ port.port }} accept
        {% endfor %}
    }

    chain forward {
        # No rules; forwarded traffic falls through to the accept policy.
        type filter hook forward priority filter; policy accept;
    }

    chain output {
        # No rules; locally generated traffic falls through to the accept policy.
        type filter hook output priority filter; policy accept;
    }
}