add rule inet filter input tcp dport { 80, 443 , 30080, 30443 } counter accept comment "nft_public"