fix: nftables file location

templates/nftables.conf.j2

@@ -1,63 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-    chain input {
-        type filter hook input priority 0; policy drop;
-
-        # Allow established/related
-        ct state established,related accept
-
-        # Allow loopback
-        iif lo accept
-
-        # Allow LAN management access
-        iif {{ lan_interface }} accept
-
-        # Allow incoming firewall rules
-{% for rule in incoming_firewall_rules %}
-        # {{ rule.name }}
-        iif {{ lan_interface }} ip saddr {{ rule.source }} {{ rule.protocol | default('tcp') }} dport {{ rule.port }} accept
-{% endfor %}
-
-        # Allow ICMP
-        ip protocol icmp accept
-        ip6 nexthdr ipv6-icmp accept
-    }
-
-    chain forward {
-        type filter hook forward priority 0; policy drop;
-
-        # Allow established/related
-        ct state established,related accept
-
-        # Allow forwarding from LAN to anywhere
-        iif {{ lan_interface }} oif {{ wan_interface }} accept
-{% for forward in nat_port_forwards %}
-        # {{ forward.name }}
-        iif {{ wan_interface }} oif {{ lan_interface }} ip daddr {{ forward.dst }} {{ forward.protocol | default('tcp') }} dport {{ forward.port }} accept
-{% endfor %}
-    }
-
-    chain output {
-        type filter hook output priority 0; policy accept;
-    }
-}
-
-table ip nat {
-    chain postrouting {
-        type nat hook postrouting priority 100; policy accept;
-
-        # NAT masquerade from LAN to WAN
-        oif {{ wan_interface }} masquerade
-    }
-
-    chain prerouting {
-        type nat hook prerouting priority -100; policy accept;
-{% for forward in nat_port_forwards %}
-        # {{ forward.name }}
-        iif {{ wan_interface }} {{ forward.protocol | default('tcp') }} dport {{ forward.port }} dnat to {{ forward.dst }}:{{ forward.port }}
-{% endfor %}
-    }
-}