12 Jul
2022
12 Jul
'22
12:54 a.m.
On Mon 11 Jul 2022, at 13:23, Eric Garver egarver@redhat.com wrote: [...]
# nft list chain inet firewalld filter_INPUT table inet firewalld { chain filter_INPUT {
[...]
reject with icmpx admin-prohibited <--- catch-all reject }}
The chain policy is not necessary because there is an explicit rule at the end of the chain.
That had slipped my notice, thank you for confirming.
Kind regards, Gareth