nft -f - <<__EOF
table bridge filter {
	chain INPUT {
		# No input from/to local node ip from batman

		# -p IPv6 -i bat0 --logical-in br-client --ip6-src fdff::1 -j DROP
		iifname "bat0" ibrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
		# -p IPv6 -i bat0 --logical-in br-client --ip6-dst fdff::1 -j DROP
		iifname "bat0" ibrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
	}

	chain FORWARD {
		# Do not forward local node ip

		# -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP
		oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
		# -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP
		oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
	}

	chain OUTPUT {
		# Do not output local node ip to batman

		# -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP
		oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
		# -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP
		oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
	}
}
__EOF