surtr: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-19 22:05:02 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-19 22:05:02 +0200
commit: 84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch)
tree: 4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/ruleset.nft
parent: 8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff)
download: nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.gz
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.bz2
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.xz
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft
index bfa27d41..51fcd498 100644
--- a/hosts/surtr/ruleset.nft
+++ b/hosts/surtr/ruleset.nft
@@ -159,7 +159,7 @@ table inet filter {
    meta l4proto $icmp_protos counter name icmp-rx accept
    tcp dport 22 counter name ssh-rx accept
-    udp dport 60001-61000 counter name mosh-rx accept
+    udp dport 60000-61000 counter name mosh-rx accept
    meta protocol ip udp dport 51820 counter name wg-rx accept
    meta protocol ip6 udp dport {51821, 51822} counter name wg-rx accept
@@ -203,7 +203,7 @@ table inet filter {
    tcp sport 22 counter name ssh-tx
-    udp sport 60001-61000 counter name mosh-tx
+    udp sport 60000-61000 counter name mosh-tx
    tcp sport 53 counter name dns-tx
    udp sport 53 counter name dns-tx
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-19 22:05:02 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-19 22:05:02 +0200
commit	84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch)
tree	4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/ruleset.nft
parent	8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff)
download	nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.gz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.bz2 nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.xz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.zip

diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index bfa27d41..51fcd498 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft
@@ -159,7 +159,7 @@ table inet filter {
159	meta l4proto $icmp_protos counter name icmp-rx accept	159	meta l4proto $icmp_protos counter name icmp-rx accept
160		160
161	tcp dport 22 counter name ssh-rx accept	161	tcp dport 22 counter name ssh-rx accept
162	udp dport 60001-61000 counter name mosh-rx accept	162	udp dport 60000-61000 counter name mosh-rx accept
163		163
164	meta protocol ip udp dport 51820 counter name wg-rx accept	164	meta protocol ip udp dport 51820 counter name wg-rx accept
165	meta protocol ip6 udp dport {51821, 51822} counter name wg-rx accept	165	meta protocol ip6 udp dport {51821, 51822} counter name wg-rx accept
@@ -203,7 +203,7 @@ table inet filter {
203		203
204		204
205	tcp sport 22 counter name ssh-tx	205	tcp sport 22 counter name ssh-tx
206	udp sport 60001-61000 counter name mosh-tx	206	udp sport 60000-61000 counter name mosh-tx
207		207
208	tcp sport 53 counter name dns-tx	208	tcp sport 53 counter name dns-tx
209	udp sport 53 counter name dns-tx	209	udp sport 53 counter name dns-tx