diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 16:19:57 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 16:19:57 +0100 |
commit | 1e82933a01dcc3810d635567dbef0de286c1e8f2 (patch) | |
tree | 9fd302fa171c5fb6dbfeddfffdc1e30629bca1db /hosts/surtr/ruleset.nft | |
parent | 68645f75136d6e82bfb7e27b50c531d1b416c4d5 (diff) | |
download | nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.gz nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.bz2 nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.xz nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.zip |
Revert "..."
This reverts commit 68645f75136d6e82bfb7e27b50c531d1b416c4d5.
Diffstat (limited to 'hosts/surtr/ruleset.nft')
-rw-r--r-- | hosts/surtr/ruleset.nft | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index ee72614f..4993b6b7 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
@@ -171,7 +171,6 @@ table inet filter { | |||
171 | udp dport 53 counter name dns-rx accept | 171 | udp dport 53 counter name dns-rx accept |
172 | 172 | ||
173 | tcp dport {80, 443, 8448} counter name http-rx accept | 173 | tcp dport {80, 443, 8448} counter name http-rx accept |
174 | udp dport {443, 8448} counter name http-rx accept | ||
175 | 174 | ||
176 | tcp dport {3478, 5349} counter name stun-rx accept | 175 | tcp dport {3478, 5349} counter name stun-rx accept |
177 | udp dport {3478, 5349} counter name stun-rx accept | 176 | udp dport {3478, 5349} counter name stun-rx accept |
@@ -216,8 +215,7 @@ table inet filter { | |||
216 | meta protocol ip6 udp sport {51821, 51822} counter name wg-tx | 215 | meta protocol ip6 udp sport {51821, 51822} counter name wg-tx |
217 | iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx | 216 | iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx |
218 | 217 | ||
219 | tcp sport {80, 443, 8448} counter name http-tx accept | 218 | tcp sport {80,443,8448} counter name http-tx accept |
220 | udp sport {443, 8448} counter name http-tx accept | ||
221 | 219 | ||
222 | tcp sport {3478, 5349} counter name stun-tx accept | 220 | tcp sport {3478, 5349} counter name stun-tx accept |
223 | udp sport {3478, 5349} counter name stun-tx accept | 221 | udp sport {3478, 5349} counter name stun-tx accept |