webmin/nftables/t/rulesets/sets.nft

table inet filter {
    set trusted_v4 {
        type ipv4_addr;
        flags interval;
        elements = { 192.168.1.0/24, 10.0.0.1 }
    }
    set web_ports {
        type inet_service;
        elements = {
            80,
            443
        }
    }
    chain input {
        type filter hook input priority 0; policy drop;
        ip saddr @trusted_v4 tcp dport @web_ports accept
    }
}