From 61fee53bf3d40283ad5ddbe437b3f421a308652f Mon Sep 17 00:00:00 2001
From: Grant Slater
Date: Tue, 19 Mar 2024 11:15:05 +0000
Subject: [PATCH] networking: add flush command to nftables script

---
 cookbooks/networking/templates/default/nftables.erb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cookbooks/networking/templates/default/nftables.erb b/cookbooks/networking/templates/default/nftables.erb
index 778e57a21..7484877d5 100644
--- a/cookbooks/networking/templates/default/nftables.erb
+++ b/cookbooks/networking/templates/default/nftables.erb
@@ -40,6 +40,11 @@ unblock() {
 done
 }
 
+flush() {
+ /usr/sbin/nft flush set inet chef-filter ip-blocklist
+ /usr/sbin/nft flush set inet chef-filter ip6-blocklist
+}
+
 command=$1
 shift
 
@@ -49,6 +54,7 @@ case "$command" in
 reload) reload;;
 block) block "$@";;
 unblock) unblock "$@";;
+ flush) flush;;
 esac
 
 exit 0
-- 
2.39.5
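Review bot: The new `flush()` ignores the exit status of both `nft` calls, and because the script ends in `exit 0` (second hunk), a failed flush is still reported to the caller as success, for example when one of the sets does not exist. This command empties the whole IPv4 and IPv6 blocklist, so the operator or automation invoking it should be able to tell whether it worked; consider `/usr/sbin/nft flush set inet chef-filter ip-blocklist || return 1` on each line and `flush) flush || exit 1;;` in the case arm. A one-line comment above the function, such as `# Remove every entry from the IPv4 and IPv6 blocklist sets; the sets themselves are kept`, would also make it clear that this drops all active blocks at once. Whether `block` and `unblock` propagate errors cannot be seen from these hunks, so match whatever convention they already use.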