chore(kb): revise articles about network traffic filtering a bit more

2026-02-08 21:34:25 +00:00 · 2025-12-30 14:06:58 +01:00
parent 31bb67a0c6
commit d1b60b26f8
1 changed files with 6 additions and 0 deletions
--- a/base/nftables.md
+++ b/base/nftables.md
@@ -104,6 +104,10 @@ nft -s list ruleset > '/path/to/nftables.dump'
 # Read commands from files.
 nft --file 'path/to/file'
 nft -f 'path/to/file'
+
+# Listen to all events.
+# Reports in the native nft format.
+nft monitor
 ```

 </details>
@@ -141,6 +145,8 @@ nft chain 'inet' 'my_table' 'my_input' '{ policy drop ; }'

 # Add rules to chains.
 nft add rule 'inet' 'base_table' 'input_filter' tcp dport 80 drop
+nft add rule 'ip' 'ssh' 'ssh_chain' tcp dport 22 accept
+nft add rule 'inet' 'filter' 'input' log

 # Delete chains.
 nft delete chain 'inet' 'base_table' 'input_filter'