diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-05 15:46:25 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-05 15:46:25 +0200 |
commit | cd4f0b1541af8043c1ee9b5debab67de0904892b (patch) | |
tree | 0831f55d8c2bff94d2dfe3680f85f71c7773ef3b /hosts/surtr/ruleset.nft | |
parent | 8cae71be63b008b05182c55e33ae2c46162ca6e8 (diff) | |
download | nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.gz nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.bz2 nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.xz nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.zip |
surtr: ...
Diffstat (limited to 'hosts/surtr/ruleset.nft')
-rw-r--r-- | hosts/surtr/ruleset.nft | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index e5fcf720..2e8dab54 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
@@ -78,6 +78,8 @@ table inet filter { | |||
78 | counter http-rx {} | 78 | counter http-rx {} |
79 | counter stun-rx {} | 79 | counter stun-rx {} |
80 | counter turn-rx {} | 80 | counter turn-rx {} |
81 | counter smtp-rx {} | ||
82 | counter submissions-rx {} | ||
81 | 83 | ||
82 | counter established-rx {} | 84 | counter established-rx {} |
83 | 85 | ||
@@ -101,6 +103,8 @@ table inet filter { | |||
101 | counter http-tx {} | 103 | counter http-tx {} |
102 | counter stun-tx {} | 104 | counter stun-tx {} |
103 | counter turn-tx {} | 105 | counter turn-tx {} |
106 | counter smtp-tx {} | ||
107 | counter submissions-rx {} | ||
104 | 108 | ||
105 | counter tx {} | 109 | counter tx {} |
106 | 110 | ||
@@ -166,6 +170,9 @@ table inet filter { | |||
166 | udp dport {3478, 5349} counter name stun-rx accept | 170 | udp dport {3478, 5349} counter name stun-rx accept |
167 | udp dport 49000-50000 counter name turn-rx accept | 171 | udp dport 49000-50000 counter name turn-rx accept |
168 | 172 | ||
173 | # tcp dport 25 counter name smtp-rx accept | ||
174 | tcp dport 465 counter name submissions-rx accept | ||
175 | |||
169 | ct state {established, related} counter name established-rx accept | 176 | ct state {established, related} counter name established-rx accept |
170 | 177 | ||
171 | 178 | ||
@@ -205,6 +212,9 @@ table inet filter { | |||
205 | udp sport {3478, 5349} counter name stun-tx accept | 212 | udp sport {3478, 5349} counter name stun-tx accept |
206 | udp sport 49000-50000 counter name turn-tx accept | 213 | udp sport 49000-50000 counter name turn-tx accept |
207 | 214 | ||
215 | tcp sport 25 counter name smtp-tx accept | ||
216 | tcp sport 465 counter name submissions-tx accept | ||
217 | |||
208 | 218 | ||
209 | counter name tx | 219 | counter name tx |
210 | } | 220 | } |