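#!/bin/bash
# Builds one combined nftables ruleset from every *.rules file found in
# /run/nftables, /etc/nftables and /usr/share/nftables, then loads it with a
# single `nft -f` call. The combined file starts with `flush ruleset`, so the
# running ruleset is replaced as a whole by whatever was collected here.
#
# Every matched file becomes part of the firewall policy, so all three
# directories (including the runtime one under /run) should be writable only
# by the accounts that are allowed to change that policy.

# An empty or missing directory must contribute nothing instead of a literal
# '*.rules' word.
shopt -s nullglob

# Key: file basename with the index of its source directory appended.
# Value: full path. The index keeps same-named files from different
# directories as separate entries.
declare -A basemap=()
i=0
for dir in /run/nftables /etc/nftables /usr/share/nftables; do
  for file in "$dir"/*.rules; do
    basemap["${file##*/}$i"]="$file"
  done
  i=$((i + 1))
done

rules=""
# Remove the temp file on exit only. An ERR trap that deleted it while the
# script kept running let later `>>` appends recreate the path without the
# `flush ruleset` header (and without mktemp's exclusive creation), and the
# INT/TERM traps had the same effect because they did not stop the script.
trap 'rm -f -- "$rules"' EXIT
trap 'exit 130' INT
trap 'exit 143' TERM
rules="$(mktemp)" || exit
printf '%s\n' 'flush ruleset' >"$rules" || exit

# Visit keys in reverse sorted order. Reading line by line (instead of
# word-splitting a command substitution) keeps file names that contain
# spaces or glob characters intact.
while IFS= read -r key; do
  # printf emits a single empty line when basemap has no keys.
  [[ -n "$key" ]] || continue
  path="${basemap[$key]}"
  echo "Loading $path" >&2
  echo '' >>"$rules" || exit
  if ! cat "$path" >>"$rules"; then
    # Stop before nft runs: a ruleset silently missing one file must not
    # replace the one that is currently loaded.
    echo "Failed to read $path; not loading an incomplete ruleset" >&2
    exit 1
  fi
done < <(printf '%s\n' "${!basemap[@]}" | sort -r)

nft -f "$rules" || exit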