On Sun 10 Jul 2022, at 06:25, Gareth Evans <donots...@fastmail.fm> wrote:
> Thanks Roger, that also suggests "policy drop" in its nftables examples. As someone on firewalld-users kindly pointed out, there is > table inet firewalld { > chain filter_INPUT { [...] > reject with icmpx admin-prohibited <--- catch-all reject > } which seems equivalent to ufw's qualified "policy drop". Panic over. G