summaryrefslogtreecommitdiff
path: root/hosts/surtr/ruleset.nft
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2023-01-30 16:19:57 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2023-01-30 16:19:57 +0100
commit1e82933a01dcc3810d635567dbef0de286c1e8f2 (patch)
tree9fd302fa171c5fb6dbfeddfffdc1e30629bca1db /hosts/surtr/ruleset.nft
parent68645f75136d6e82bfb7e27b50c531d1b416c4d5 (diff)
downloadnixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar
nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.gz
nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.bz2
nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.tar.xz
nixos-1e82933a01dcc3810d635567dbef0de286c1e8f2.zip
Revert "..."
This reverts commit 68645f75136d6e82bfb7e27b50c531d1b416c4d5.
Diffstat (limited to 'hosts/surtr/ruleset.nft')
-rw-r--r--hosts/surtr/ruleset.nft4
1 files changed, 1 insertions, 3 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft
index ee72614f..4993b6b7 100644
--- a/hosts/surtr/ruleset.nft
+++ b/hosts/surtr/ruleset.nft
@@ -171,7 +171,6 @@ table inet filter {
171 udp dport 53 counter name dns-rx accept 171 udp dport 53 counter name dns-rx accept
172 172
173 tcp dport {80, 443, 8448} counter name http-rx accept 173 tcp dport {80, 443, 8448} counter name http-rx accept
174 udp dport {443, 8448} counter name http-rx accept
175 174
176 tcp dport {3478, 5349} counter name stun-rx accept 175 tcp dport {3478, 5349} counter name stun-rx accept
177 udp dport {3478, 5349} counter name stun-rx accept 176 udp dport {3478, 5349} counter name stun-rx accept
@@ -216,8 +215,7 @@ table inet filter {
216 meta protocol ip6 udp sport {51821, 51822} counter name wg-tx 215 meta protocol ip6 udp sport {51821, 51822} counter name wg-tx
217 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx 216 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx
218 217
219 tcp sport {80, 443, 8448} counter name http-tx accept 218 tcp sport {80,443,8448} counter name http-tx accept
220 udp sport {443, 8448} counter name http-tx accept
221 219
222 tcp sport {3478, 5349} counter name stun-tx accept 220 tcp sport {3478, 5349} counter name stun-tx accept
223 udp sport {3478, 5349} counter name stun-tx accept 221 udp sport {3478, 5349} counter name stun-tx accept