@aca
Created July 28, 2021 14:14
notsodeep.nft
# nft rules for notsodeep services
# Translated by iptables-restore-translate v1.8.7 on Wed Jul 28 02:23:24 2021
#
# Only two rules do anything: inbound TCP SYN+ACK segments from source port 80
# (raw PREROUTING) and source port 443 (filter INPUT) are counted and handed to
# userspace via NFQUEUE 200. "bypass" means the packet is accepted, not dropped,
# if no userspace program is bound to queue 200. The remaining chains are the
# base chains the translator emits for every iptables table, with their default
# policies; note that filter FORWARD defaults to drop.
add table ip raw
add chain ip raw PREROUTING { type filter hook prerouting priority -300; policy accept; }
add chain ip raw OUTPUT { type filter hook output priority -300; policy accept; }
# Incoming SYN+ACK from an HTTP server (sport 80) -> queue 200, before conntrack
add rule ip raw PREROUTING tcp sport 80 tcp flags & (syn|ack) == syn|ack counter queue num 200 bypass
add table ip mangle
add chain ip mangle PREROUTING { type filter hook prerouting priority -150; policy accept; }
add chain ip mangle INPUT { type filter hook input priority -150; policy accept; }
add chain ip mangle FORWARD { type filter hook forward priority -150; policy accept; }
add chain ip mangle OUTPUT { type route hook output priority -150; policy accept; }
add chain ip mangle POSTROUTING { type filter hook postrouting priority -150; policy accept; }
add table ip nat
add chain ip nat PREROUTING { type nat hook prerouting priority -100; policy accept; }
add chain ip nat INPUT { type nat hook input priority 100; policy accept; }
add chain ip nat OUTPUT { type nat hook output priority -100; policy accept; }
add chain ip nat POSTROUTING { type nat hook postrouting priority 100; policy accept; }
add table ip filter
add chain ip filter INPUT { type filter hook input priority 0; policy accept; }
add chain ip filter FORWARD { type filter hook forward priority 0; policy drop; }
add chain ip filter OUTPUT { type filter hook output priority 0; policy accept; }
# Incoming SYN+ACK from an HTTPS server (sport 443) -> queue 200, at the input hook
add rule ip filter INPUT tcp sport 443 tcp flags & (syn|ack) == syn|ack counter queue num 200 bypass