Using nftables for dynamic rules
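# Reference snippets for a timeout-based blocklist in nftables.
# Run the sections individually (nft needs root / CAP_NET_ADMIN); this is
# not meant to be executed top to bottom as one script.
# Every command addresses the table by the family and name the ruleset
# declares: "inet mytable".

# --- Create ruleset ---------------------------------------------------------
# File: nftables.conf
cat > nftables.conf <<'EOF'
table inet mytable {
    # IPv4 prefixes to drop; each element expires 1h after it is added.
    set block_network {
        type ipv4_addr
        timeout 1h
        flags interval
    }

    # IPv6 counterpart of block_network.
    set block_network6 {
        type ipv6_addr
        timeout 1h
        flags interval
    }

    chain input {
        # No policy is given, so the chain default (accept) applies: this
        # chain only drops listed sources, it is not a default-deny filter.
        type filter hook input priority 0;
        ip saddr @block_network drop
        ip6 saddr @block_network6 drop
    }
}
EOF

# --- Load ruleset -----------------------------------------------------------
# The file is applied as one transaction. It contains no flush/delete
# statement, so loading it again while the table exists appends a second
# copy of the two drop rules.
nft -f nftables.conf

# --- List ruleset -----------------------------------------------------------
nft list ruleset

# --- Add element ------------------------------------------------------------
# Quote the braces so the shell passes them through to nft unchanged.
nft add element inet mytable block_network '{ 192.0.2.0/24 }'
nft add element inet mytable block_network6 '{ 2001:db8::/32 }'

# --- Delete element ---------------------------------------------------------
nft delete element inet mytable block_network '{ 192.0.2.0/24 }'
nft delete element inet mytable block_network6 '{ 2001:db8::/32 }'

# --- Flush set --------------------------------------------------------------
# Removes every element but keeps the set and the rules that reference it.
nft flush set inet mytable block_network
nft flush set inet mytable block_network6

# --- Backup -----------------------------------------------------------------
# Dumps the live state of ALL tables, including the elements currently in
# the sets, and overwrites the hand-written file above.
nft list ruleset > nftables.conf

# --- Restore ----------------------------------------------------------------
# nft has no "restore" subcommand; a dump is loaded back with -f.
# Restoring onto a system where the table still exists duplicates its rules,
# so delete the table first (see below).
nft -f nftables.conf

# --- Delete -----------------------------------------------------------------
# Table: removes the table together with its sets, chain and rules.
nft delete table inet mytable

# Set: fails while a rule still references the set; delete the rule first.
nft delete set inet mytable block_network
nft delete set inet mytable block_network6

# Rule: rules are deleted by handle, not by repeating the match expression.
# List the chain with -a, read the handle of the rule to remove, set HANDLE.
nft -a list chain inet mytable input
nft delete rule inet mytable input handle "$HANDLE"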