From 6a46ca716b20cd54756afcf875b83b727336ffe8 Mon Sep 17 00:00:00 2001
From: Tristan PILAT
Date: Wed, 14 Oct 2020 17:14:23 +0200
Subject: [PATCH] Add a set for the blocked IP addresses
---
 minifirewall-start.sh | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/minifirewall-start.sh b/minifirewall-start.sh
index 6214da5..d94a01a 100755
--- a/minifirewall-start.sh
+++ b/minifirewall-start.sh
@@ -93,6 +93,8 @@ $NFT add element inet minifirewall minifirewall_trusted_ips {$(echo $TRUSTEDIPS
 $NFT add set inet minifirewall minifirewall_privileged_ips { type ipv4_addr\;}
 $NFT add element inet minifirewall minifirewall_privileged_ips {$(echo $PRIVILEGIEDIPS | sed 's/ /, /g')}
+# Add set for blocked IP addresses
+$NFT add set inet minifirewall minifirewall_blocked_ips '{ type ipv4_addr ; flags interval ;}'
 # Add TCP/UDP chains for protected, public, semi-public and private ports
 $NFT add chain inet minifirewall protected_tcp_ports
 $NFT add chain inet minifirewall protected_udp_ports
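Review bot: The added `minifirewall_blocked_ips` set is created empty and nothing in this hunk populates or references it, so by itself the change drops no traffic. A rule matching `ip saddr @minifirewall_blocked_ips` has to exist elsewhere in the script, and where it sits relative to the trusted/privileged accepts decides whether a blocked address that is also trusted gets through; neither is visible here, so it is worth confirming. The set is `type ipv4_addr` inside an `inet` table, which means IPv6 sources cannot be placed on the blocklist. I would make the scope explicit in the comment, for example `# Add set for blocked IPv4 addresses and CIDR ranges (interval set; IPv6 sources are not covered)`. The script continues past the hunk's last context line, so any later use of the set cannot be checked from this patch.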