nft list ruleset -a
table inet firewall {
    chain incoming {
       type filter hook input priority 0; policy accept;
       iif "lo" accept # handle 5
       ct state established,related accept # handle 7
       tcp dport ssh ct state new accept # handle 8
       drop # handle 9
    }
}