From fb6e4ad1dfeac6a36e5c3be72edb591fe8ef082b Mon Sep 17 00:00:00 2001
From: nd
Date: Sat, 25 Sep 2021 15:02:49 +0200
Subject: [PATCH] add option to disable counter for single rules
---
 defaults/main.yml | 1 +
 templates/nftables.conf.j2 | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/defaults/main.yml b/defaults/main.yml
index 46b8a83..00bd905 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -4,6 +4,7 @@ firewall:
 statement: accept
 matches: ~
 priority: 1000
+ counter: True
 input: {}
 forward: {}
 output: {}
diff --git a/templates/nftables.conf.j2 b/templates/nftables.conf.j2
index 143aae3..b55fb20 100644
--- a/templates/nftables.conf.j2
+++ b/templates/nftables.conf.j2
@@ -2,7 +2,7 @@
 #!/usr/sbin/nft -f
 {%- macro nftrule(rule) -%}
- {{rule.matches }} {% if not rule.statement == "counter" %}counter {% endif %}{{ rule.statement }} comment "{{ rule.comment }}"
+ {{rule.matches }} {% if not rule.statement == "counter" or not rule.counter %}counter {% endif %}{{ rule.statement }} comment "{{ rule.comment }}"
 {% endmacro %}
 {%- macro nftchain(name) -%}
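Review bot: The new `counter` default is added without a comment, so a reader of `defaults/main.yml` cannot tell what the flag controls or which value turns the counter off. A line above it such as `# counter: emit an nft "counter" before the rule statement; set to false to omit it for this rule` would cover that. Writing the value as lowercase `true` also avoids the YAML 1.1 truthy spelling that linters commonly flag. The mapping this key belongs to starts outside the hunk.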
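Review bot: The new condition in `nftrule` does not disable the counter: `not rule.statement == "counter" or not rule.counter` is still true for every rule whose statement is not `counter`, so `counter: False` has no effect, and a rule with statement `counter` and `counter: False` now renders `counter counter`. The two tests need to be joined with `and` and the flag left un-negated, e.g. `{% if rule.statement != "counter" and rule.counter | default(true) %}counter {% endif %}`. The `default(true)` keeps counters on rules that never receive the key; whether the value from `defaults/main.yml` is merged into each rule is not visible in this patch, so confirm that before dropping it. Counters are often what monitoring and incident triage read from a ruleset, so a rendering check covering both flag values would be worth adding.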