added HLS, added iperf to udp, added argent and its NAT rule

defines.nft

@@ -9,18 +9,20 @@ define HTTPS_PORT = 443
 define RPCBIND_PORT = 111
 define NFS_PORT = 2049
 define MOUNTD_PORT = 32767
+define HLS_PORT = 1935
 define SYNCPLAY_PORT = 60000
 define TERRARIA_PORT = 7777
 define MAINPAGE_PORT = 3000
 define NEXTCLOUD_PORT = 3001
 define GITEA_PORT = 3002
-define IPERF_PORT = 5201
+define MARIADB_PORT = 3306
-define MARIADB_PORT = 3096
+define ARGENT_PORT = 53306
 define POSTGRESQL_PORT = 5432
 
 # TCP and UDP services (needs to go in both sets)
 define DNS_PORT = 53
 define OPENTTD_PORT = 3979
+define IPERF_PORT = 5201
 
 # UDP only services
 define DHCP_IN_PORT = 67

filter.nft

@@ -10,18 +10,19 @@ table ip filter {
 		elements = {
 			$SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT,
 			$TERRARIA_PORT, $OPENTTD_PORT, $MAINPAGE_PORT, $NEXTCLOUD_PORT, $GITEA_PORT,
-			$POSTGRESQL_PORT, $RPCBIND_PORT, $MOUNTD_PORT, $NFS_PORT, $MARIADB_PORT, $IPERF_PORT
+			$POSTGRESQL_PORT, $RPCBIND_PORT, $MOUNTD_PORT, $NFS_PORT, $MARIADB_PORT,
+			$HLS_PORT, $IPERF_PORT, $ARGENT_PORT
 		};
 	}
 
 	set allowed_udp_ports_in {
 		type inet_service; flags constant;
-		elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT, $SNMP_POLL_PORT, $SNMP_TRAP_PORT };
+		elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT, $SNMP_POLL_PORT, $SNMP_TRAP_PORT, $IPERF_PORT };
 	}
 
 	set allowed_udp_ports_out {
 		type inet_service; flags constant;
-		elements = { $DNS_PORT, $DHCP_OUT_PORT, $SNMP_POLL_PORT };
+		elements = { $DNS_PORT, $DHCP_OUT_PORT, $SNMP_POLL_PORT, $IPERF_PORT };
 	}
 
 	set ipv4_geo_blacklist {

nat.nft

@@ -2,6 +2,7 @@ table nat {
 	chain prerouting {
 		type nat hook prerouting priority 0;
 		comment "this is necessary even if empty";
+		tcp dport $ARGENT_EXTERNAL_PORT redirect to $MARIADB_PORT;
 	}
 
 	chain postrouting {