vidhar: nftables...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-09 09:37:05 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-09 09:37:05 +0100
commit: a34f9383df7169c56fb61a8f38cd039cf71f527e (patch)
tree: d85b1da8a7178b0642895224c6a7938eb4286a2c
parent: db1993a6835a4de3d3cfb41b8444f6b9535f7443 (diff)
download: nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar
nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.gz
nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.bz2
nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.xz
nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index ca2eb2fc..9c82052f 100644
--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -25,7 +25,7 @@ table inet filter {
    oifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop
    oifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop
-    meta l4proto $imp_protos counter accept
+    meta l4proto $icmp_protos counter accept
    iifname eno1 oifname dsl counter accept
    iifname dsl oifname eno1 ct state {established, related} counter accept
@@ -55,7 +55,7 @@ table inet filter {
    iifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop
    iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop
-    meta l4proto $imp_protos counter accept
+    meta l4proto $icmp_protos counter accept
    ct state {established, related} counter accept
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-09 09:37:05 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-09 09:37:05 +0100
commit	a34f9383df7169c56fb61a8f38cd039cf71f527e (patch)
tree	d85b1da8a7178b0642895224c6a7938eb4286a2c
parent	db1993a6835a4de3d3cfb41b8444f6b9535f7443 (diff)
download	nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.gz nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.bz2 nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.tar.xz nixos-a34f9383df7169c56fb61a8f38cd039cf71f527e.zip

diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft index ca2eb2fc..9c82052f 100644 --- a/hosts/vidhar/ruleset.nft +++ b/hosts/vidhar/ruleset.nft
@@ -25,7 +25,7 @@ table inet filter {
25		25
26	oifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop	26	oifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop
27	oifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop	27	oifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop
28	meta l4proto $imp_protos counter accept	28	meta l4proto $icmp_protos counter accept
29		29
30	iifname eno1 oifname dsl counter accept	30	iifname eno1 oifname dsl counter accept
31	iifname dsl oifname eno1 ct state {established, related} counter accept	31	iifname dsl oifname eno1 ct state {established, related} counter accept
@@ -55,7 +55,7 @@ table inet filter {
55		55
56	iifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop	56	iifname dsl meta l4proto $icmp_protos limit name lim_icmp_dsl counter drop
57	iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop	57	iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter drop
58	meta l4proto $imp_protos counter accept	58	meta l4proto $icmp_protos counter accept
59		59
60	ct state {established, related} counter accept	60	ct state {established, related} counter accept
61		61