summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-05-04 08:37:42 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2022-05-04 08:37:42 +0200
commit9d548657d6b90fa5e0e9cfd428c2d92030226e22 (patch)
treef6eee66faa82742e12c86588cc17c47b72f022d6
parentfd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e (diff)
downloadnixos-9d548657d6b90fa5e0e9cfd428c2d92030226e22.tar
nixos-9d548657d6b90fa5e0e9cfd428c2d92030226e22.tar.gz
nixos-9d548657d6b90fa5e0e9cfd428c2d92030226e22.tar.bz2
nixos-9d548657d6b90fa5e0e9cfd428c2d92030226e22.tar.xz
nixos-9d548657d6b90fa5e0e9cfd428c2d92030226e22.zip
sif: ...
-rw-r--r--hosts/sif/ruleset.nft4
1 files changed, 3 insertions, 1 deletions
diff --git a/hosts/sif/ruleset.nft b/hosts/sif/ruleset.nft
index 62fa90db..c453cc7b 100644
--- a/hosts/sif/ruleset.nft
+++ b/hosts/sif/ruleset.nft
@@ -41,6 +41,8 @@ table inet filter {
41 41
42 counter invalid-fw {} 42 counter invalid-fw {}
43 43
44 counter fw-lo {}
45
44 counter reject-ratelimit-fw {} 46 counter reject-ratelimit-fw {}
45 counter reject-fw {} 47 counter reject-fw {}
46 counter reject-tcp-fw {} 48 counter reject-tcp-fw {}
@@ -149,7 +151,7 @@ table inet filter {
149 udp sport 51820-51822 counter name wg-tx 151 udp sport 51820-51822 counter name wg-tx
150 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx 152 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx
151 153
152 tcp sport 8000 counter name http-tx accept 154 tcp sport 8000 counter name quickserve-tx accept
153 155
154 156
155 counter name tx 157 counter name tx