mikroskeem/duplicate-rules.nft Secret

## duplicate-rules.nft
table ip filter {
	chain forward {
		type filter hook forward priority filter; policy drop;
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		jump cni-ffw-emperortestcontalpine
		log prefix "ip4 forward drop: "
		counter packets 0 bytes 0 drop
	}

	chain cni-ffw-emperortestcontalpine {
		oifname "cni-br-emp-main" ip daddr 10.140.12.8 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" ip saddr 10.140.12.8 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-main" ip daddr 10.140.12.2 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" ip saddr 10.140.12.2 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-main" ip daddr 10.140.12.3 ct state established,related counter packets 10 bytes 2246 accept
		iifname "cni-br-emp-main" ip saddr 10.140.12.3 counter packets 12 bytes 836 accept
		iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-svc" ip daddr 10.150.12.2 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" ip saddr 10.150.12.2 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-main" ip daddr 10.140.12.4 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" ip saddr 10.140.12.4 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-svc" ip daddr 10.150.12.3 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" ip saddr 10.150.12.3 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-main" ip daddr 10.140.12.5 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" ip saddr 10.140.12.5 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
		oifname "cni-br-emp-svc" ip daddr 10.150.12.4 ct state established,related counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" ip saddr 10.150.12.4 counter packets 0 bytes 0 accept
		iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
	}
}
	table ip filter {
	chain forward {
	type filter hook forward priority filter; policy drop;
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	jump cni-ffw-emperortestcontalpine
	log prefix "ip4 forward drop: "
	counter packets 0 bytes 0 drop
	}

	chain cni-ffw-emperortestcontalpine {
	oifname "cni-br-emp-main" ip daddr 10.140.12.8 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" ip saddr 10.140.12.8 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-main" ip daddr 10.140.12.2 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" ip saddr 10.140.12.2 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-main" ip daddr 10.140.12.3 ct state established,related counter packets 10 bytes 2246 accept
	iifname "cni-br-emp-main" ip saddr 10.140.12.3 counter packets 12 bytes 836 accept
	iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-svc" ip daddr 10.150.12.2 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" ip saddr 10.150.12.2 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-main" ip daddr 10.140.12.4 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" ip saddr 10.140.12.4 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-svc" ip daddr 10.150.12.3 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" ip saddr 10.150.12.3 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-main" ip daddr 10.140.12.5 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" ip saddr 10.140.12.5 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-main" oifname "cni-br-emp-main" counter packets 0 bytes 0 accept
	oifname "cni-br-emp-svc" ip daddr 10.150.12.4 ct state established,related counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" ip saddr 10.150.12.4 counter packets 0 bytes 0 accept
	iifname "cni-br-emp-svc" oifname "cni-br-emp-svc" counter packets 0 bytes 0 accept
	}
	}