diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-13 21:36:34 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-13 21:36:34 +0100 |
| commit | 3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f (patch) | |
| tree | 649cc654de5c646222e9c6a01acb5b1680f4e109 /hosts/surtr/ruleset.nft | |
| parent | 470105b11d48740bd1dd1401491ebac08b834e07 (diff) | |
| download | nixos-3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f.tar nixos-3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f.tar.gz nixos-3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f.tar.bz2 nixos-3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f.tar.xz nixos-3dd95b2119e7ddf3ac68aa5a744076e2daa4e99f.zip | |
surtr: nftables...
Diffstat (limited to 'hosts/surtr/ruleset.nft')
| -rw-r--r-- | hosts/surtr/ruleset.nft | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index 6b47751f..f8cadc94 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
| @@ -79,6 +79,9 @@ table inet filter { | |||
| 79 | meta protocol ip6 udp dport 51821 counter accept | 79 | meta protocol ip6 udp dport 51821 counter accept |
| 80 | udp dport 60000-61000 counter accept | 80 | udp dport 60000-61000 counter accept |
| 81 | 81 | ||
| 82 | tcp dport 53 counter accept | ||
| 83 | udp dport 53 counter accept | ||
| 84 | |||
| 82 | 85 | ||
| 83 | limit name lim_reject log prefix "drop input: " counter drop | 86 | limit name lim_reject log prefix "drop input: " counter drop |
| 84 | log prefix "reject input: " counter | 87 | log prefix "reject input: " counter |