On Sun 10 Jul 2022, at 06:25, Gareth Evans <donots...@fastmail.fm> wrote:
> Thanks Roger, that also suggests "policy drop" in its nftables examples.
As someone on firewalld-users kindly pointed out, there is
> table inet firewalld {
> chain filter_INPUT {
[...]
> reject with icmpx admin-prohibited <--- catch-all reject
> }
which seems equivalent to ufw's qualified "policy drop".
Panic over.
G
