summaryrefslogtreecommitdiff
path: root/hosts/surtr/ruleset.nft
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-05-05 15:46:25 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2022-05-05 15:46:25 +0200
commitcd4f0b1541af8043c1ee9b5debab67de0904892b (patch)
tree0831f55d8c2bff94d2dfe3680f85f71c7773ef3b /hosts/surtr/ruleset.nft
parent8cae71be63b008b05182c55e33ae2c46162ca6e8 (diff)
downloadnixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar
nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.gz
nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.bz2
nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.tar.xz
nixos-cd4f0b1541af8043c1ee9b5debab67de0904892b.zip
surtr: ...
Diffstat (limited to 'hosts/surtr/ruleset.nft')
-rw-r--r--hosts/surtr/ruleset.nft10
1 files changed, 10 insertions, 0 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft
index e5fcf720..2e8dab54 100644
--- a/hosts/surtr/ruleset.nft
+++ b/hosts/surtr/ruleset.nft
@@ -78,6 +78,8 @@ table inet filter {
78 counter http-rx {} 78 counter http-rx {}
79 counter stun-rx {} 79 counter stun-rx {}
80 counter turn-rx {} 80 counter turn-rx {}
81 counter smtp-rx {}
82 counter submissions-rx {}
81 83
82 counter established-rx {} 84 counter established-rx {}
83 85
@@ -101,6 +103,8 @@ table inet filter {
101 counter http-tx {} 103 counter http-tx {}
102 counter stun-tx {} 104 counter stun-tx {}
103 counter turn-tx {} 105 counter turn-tx {}
106 counter smtp-tx {}
107 counter submissions-rx {}
104 108
105 counter tx {} 109 counter tx {}
106 110
@@ -166,6 +170,9 @@ table inet filter {
166 udp dport {3478, 5349} counter name stun-rx accept 170 udp dport {3478, 5349} counter name stun-rx accept
167 udp dport 49000-50000 counter name turn-rx accept 171 udp dport 49000-50000 counter name turn-rx accept
168 172
173 # tcp dport 25 counter name smtp-rx accept
174 tcp dport 465 counter name submissions-rx accept
175
169 ct state {established, related} counter name established-rx accept 176 ct state {established, related} counter name established-rx accept
170 177
171 178
@@ -205,6 +212,9 @@ table inet filter {
205 udp sport {3478, 5349} counter name stun-tx accept 212 udp sport {3478, 5349} counter name stun-tx accept
206 udp sport 49000-50000 counter name turn-tx accept 213 udp sport 49000-50000 counter name turn-tx accept
207 214
215 tcp sport 25 counter name smtp-tx accept
216 tcp sport 465 counter name submissions-tx accept
217
208 218
209 counter name tx 219 counter name tx
210 } 220 }