More generic interface list in nftables

system/base/nftables/defaults/main.yml

@@ -1,3 +1,4 @@
 ---
+system_base_interfaces_iifname: []
 system_base_additional_tcp_ports: []
 system_base_udp_ports: []

system/base/nftables/templates/nftables.conf.j2

@@ -10,9 +10,11 @@ table inet filter {
                 # Accept any localhost traffic.
                 iif lo accept;
 
-                # Accept any libvirt traffic.
+{% if system_base_interfaces_iifname %}
-                iifname virbr0 accept;
+                # Accept any traffic on these interfaces.
+                iifname { {{ system_base_interfaces_iifname | join(", ") }} } accept;
 
+{% endif %}
                 # Accept traffic originated from us.
                 ct state established,related accept;