Using nftables for dynamic rules
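# nftables dynamic blocklist: reference commands.
# Each section is meant to be run on its own as root, not top to bottom.
# Every command names the table "mytable" and the chain "input" exactly as
# the ruleset defines them (nft names are case-sensitive).

# --- Create ruleset: file nftables.conf ---
# Set elements expire after the default timeout (1h) unless an element is
# added with its own timeout. The base chain declares no policy, so it uses
# nft's default (accept): only sources in the two sets are dropped.
cat > nftables.conf <<'EOF'
table inet mytable {
    set block_network {
        type ipv4_addr
        flags interval
        timeout 1h
    }

    set block_network6 {
        type ipv6_addr
        flags interval
        timeout 1h
    }

    chain input {
        type filter hook input priority 0;
        ip saddr @block_network drop
        ip6 saddr @block_network6 drop
    }
}
EOF

# --- Load ruleset ---
# Loading the same file into a table that already exists appends the rules a
# second time; delete the table first (see "Delete: table") when reloading.
nft -f nftables.conf

# --- List ruleset ---
nft list ruleset

# --- Add element ---
# Quote the braces: an unquoted ';' or '}' is interpreted by the shell.
# Check that a prefix does not cover your own management address before
# adding it, since matching traffic is dropped immediately.
nft add element inet mytable block_network '{ 192.0.2.0/24 }'
nft add element inet mytable block_network6 '{ 2001:db8::/32 }'

# --- Delete element ---
nft delete element inet mytable block_network '{ 192.0.2.0/24 }'
nft delete element inet mytable block_network6 '{ 2001:db8::/32 }'

# --- Flush set ---
nft flush set inet mytable block_network
nft flush set inet mytable block_network6

# --- Backup ---
# Overwrites nftables.conf with the live ruleset, including the elements
# currently in the sets.
nft list ruleset > nftables.conf

# --- Restore ---
# nft has no "restore" subcommand; a saved ruleset is loaded with -f.
nft -f nftables.conf

# --- Delete: table ---
nft delete table inet mytable

# --- Delete: set ---
# A set that a rule still references cannot be deleted; remove the rules
# first (see "Delete: rule").
nft delete set inet mytable block_network
nft delete set inet mytable block_network6

# --- Delete: rule ---
# Rules are deleted by handle, not by repeating the rule text. List the chain
# with -a to see each rule's handle, then delete by that number; repeat for
# the second rule.
nft -a list chain inet mytable input
nft delete rule inet mytable input handle "${RULE_HANDLE:?set RULE_HANDLE to the handle number shown by the listing}"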