[Unit]
Description=nftables static rule set
Documentation=file:/usr/share/doc/packages/nftables/README.SUSE
Wants=network-pre.target
Before=network-pre.target shutdown.target
Conflicts=shutdown.target
Conflicts=firewalld.service
DefaultDependencies=no
AssertPathExists=/etc/nftables/rules/main.nft

[Service]
Type=oneshot
RemainAfterExit=yes
StandardInput=null
ProtectSystem=full
ProtectHome=true
ExecStart=/usr/sbin/nft -f /etc/nftables/rules/main.nft
ExecReload=/usr/sbin/nft -f /etc/nftables/rules/main.nft
ExecStop=/usr/sbin/nft flush ruleset

[Install]
WantedBy=sysinit.target