table inet filter { # handle 36
	chain INPUT { # handle 1
		type filter hook input priority filter; policy drop;
		jump EDPM_INPUT # handle 20
	}

	chain FORWARD { # handle 2
		type filter hook forward priority filter; policy accept;
	}

	chain OUTPUT { # handle 3
		type filter hook output priority filter; policy accept;
	}

	chain EDPM_INPUT { # handle 4
		ct state established,related counter packets 121375 bytes 1035163195 accept comment "000 accept related established rules" # handle 5
		meta l4proto icmp ct state new counter packets 1 bytes 34 accept comment "001 accept all icmp" # handle 6
		meta l4proto ipv6-icmp counter packets 10 bytes 720 accept comment "001 accept all ipv6-icmp" # handle 7
		iifname "lo" counter packets 833 bytes 54619 accept comment "002 accept all to lo interface" # handle 8
		ip saddr 0.0.0.0/0 tcp dport 22 ct state new counter packets 7 bytes 400 accept comment "003 Allow ssh from 0.0.0.0/0" # handle 9
		ip6 daddr fe80::/64 udp dport 546 ct state new counter packets 0 bytes 0 accept comment "004 accept ipv6 dhcpv6" # handle 10
		tcp dport 8080 ct state new counter packets 0 bytes 0 accept comment "100 allow ceph_rgw_frontend" # handle 11
		tcp dport { 3300, 6789 } ct state new counter packets 79 bytes 4740 accept comment "110 allow ceph_mon" # handle 13
		tcp dport 6800-7300 ct state new counter packets 333 bytes 19980 accept comment "111 allow ceph_osd" # handle 14
		tcp dport 6800-7300 ct state new counter packets 0 bytes 0 accept comment "113 allow ceph_mgr" # handle 15
		tcp dport 12049 ct state new counter packets 86 bytes 5160 accept comment "120 allow ceph_nfs" # handle 16
		tcp dport 2049 ct state new counter packets 0 bytes 0 accept comment "121 allow ceph_nfs_frontend" # handle 17
		tcp dport { 8080, 8082 } ct state new counter packets 27 bytes 1620 accept comment "122 allow ceph_rgw" # handle 19
	}
}
table inet raw { # handle 37
	chain PREROUTING { # handle 1
		type filter hook prerouting priority raw; policy accept;
	}

	chain OUTPUT { # handle 2
		type filter hook output priority raw; policy accept;
	}
}
table inet nat { # handle 38
	chain PREROUTING { # handle 1
		type nat hook prerouting priority dstnat; policy accept;
	}

	chain INPUT { # handle 2
		type nat hook input priority srcnat; policy accept;
	}

	chain OUTPUT { # handle 3
		type nat hook output priority dstnat; policy accept;
	}

	chain POSTROUTING { # handle 4
		type nat hook postrouting priority srcnat; policy accept;
	}
}
table ip filter { # handle 39
	chain INPUT { # handle 1
		type filter hook input priority filter; policy accept;
	}

	chain FORWARD { # handle 2
		type filter hook forward priority filter; policy accept;
	}

	chain OUTPUT { # handle 3
		type filter hook output priority filter; policy accept;
	}
}
table ip raw { # handle 40
	chain PREROUTING { # handle 1
		type filter hook prerouting priority raw; policy accept;
	}

	chain OUTPUT { # handle 2
		type filter hook output priority raw; policy accept;
	}
}
table ip nat { # handle 41
	chain PREROUTING { # handle 1
		type nat hook prerouting priority dstnat; policy accept;
	}

	chain INPUT { # handle 2
		type nat hook input priority srcnat; policy accept;
	}

	chain OUTPUT { # handle 3
		type nat hook output priority dstnat; policy accept;
	}

	chain POSTROUTING { # handle 4
		type nat hook postrouting priority srcnat; policy accept;
	}
}
table ip6 raw { # handle 42
	chain PREROUTING { # handle 1
		type filter hook prerouting priority raw; policy accept;
	}

	chain OUTPUT { # handle 2
		type filter hook output priority raw; policy accept;
	}
}
table ip6 filter { # handle 43
	chain INPUT { # handle 1
		type filter hook input priority filter; policy accept;
	}

	chain FORWARD { # handle 2
		type filter hook forward priority filter; policy accept;
	}

	chain OUTPUT { # handle 3
		type filter hook output priority filter; policy accept;
	}
}
