extensions/libipt_REJECT.txlate - manifest_repos/iptables - Git at Google

 iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT
 nft add rule ip filter FORWARD tcp dport 22 counter reject

 iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT --reject-with icmp-net-unreachable
 nft add rule ip filter FORWARD tcp dport 22 counter reject with icmp type net-unreachable

 iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT --reject-with tcp-reset
 nft add rule ip filter FORWARD tcp dport 22 counter reject with tcp reset
	iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT
	nft add rule ip filter FORWARD tcp dport 22 counter reject

	iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT --reject-with icmp-net-unreachable
	nft add rule ip filter FORWARD tcp dport 22 counter reject with icmp type net-unreachable

	iptables-translate -A FORWARD -p TCP --dport 22 -j REJECT --reject-with tcp-reset
	nft add rule ip filter FORWARD tcp dport 22 counter reject with tcp reset