summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-03-14 17:00:42 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-03-14 17:00:42 +0100
commit3d3f8c4721fd0c978243d365d7ac8eaea1124b17 (patch)
tree2e60e6cd5d3990ff51e59133c09678f877e4d934
parent67ad77720622605af0ec366fb068d9c9da320231 (diff)
downloadnixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar
nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.gz
nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.bz2
nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.xz
nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.zip
installer: allow input
-rw-r--r--installer/ruleset.nft3
1 files changed, 3 insertions, 0 deletions
diff --git a/installer/ruleset.nft b/installer/ruleset.nft
index 4de54dd7..803ce9fd 100644
--- a/installer/ruleset.nft
+++ b/installer/ruleset.nft
@@ -73,6 +73,9 @@ table inet filter {
73 udp dport 60000-61000 counter accept 73 udp dport 60000-61000 counter accept
74 74
75 75
76 ct state {established, related} counter name established-rx accept
77
78
76 limit name lim_reject log level debug prefix "drop input: " counter drop 79 limit name lim_reject log level debug prefix "drop input: " counter drop
77 log level debug prefix "reject input: " counter 80 log level debug prefix "reject input: " counter
78 meta l4proto tcp ct state new counter reject with tcp reset 81 meta l4proto tcp ct state new counter reject with tcp reset