diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-06 18:20:18 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-06 18:20:18 +0100 |
| commit | abd86d7bd35ae30e9eeffc33a798faca9e2b0486 (patch) | |
| tree | c861a2fec32b927c8edb749b28c21f5eb74e6c9c /hosts/surtr | |
| parent | 33988e75d8c35dd26de46645971ac1d6fb6eb3e6 (diff) | |
| download | nixos-abd86d7bd35ae30e9eeffc33a798faca9e2b0486.tar nixos-abd86d7bd35ae30e9eeffc33a798faca9e2b0486.tar.gz nixos-abd86d7bd35ae30e9eeffc33a798faca9e2b0486.tar.bz2 nixos-abd86d7bd35ae30e9eeffc33a798faca9e2b0486.tar.xz nixos-abd86d7bd35ae30e9eeffc33a798faca9e2b0486.zip | |
bifrost: ...
Diffstat (limited to 'hosts/surtr')
| -rw-r--r-- | hosts/surtr/ruleset.nft | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index 9d6fd373..998bd037 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
| @@ -44,10 +44,12 @@ table inet filter { | |||
| 44 | 44 | ||
| 45 | iifname lo counter accept | 45 | iifname lo counter accept |
| 46 | 46 | ||
| 47 | meta l4proto $icmp_protos iifname {yggdrasil, bifrost} oifname ens3 limit name lim_icmp counter drop | 47 | meta l4proto $icmp_protos iifname {yggdrasil, bifrost} oifname {bifrost, ens3} limit name lim_icmp counter drop |
| 48 | meta l4proto $icmp_protos iifname {yggdrasil, bifrost} oifname ens3 counter accept | 48 | meta l4proto $icmp_protos iifname {yggdrasil, bifrost} oifname {bifrost, ens3} counter accept |
| 49 | meta l4proto $icmp_protos ct state {established, related} limit name lim_icmp counter drop | 49 | meta l4proto $icmp_protos ct state {established, related} limit name lim_icmp counter drop |
| 50 | meta l4proto $icmp_protos ct state {established, related} counter accept | 50 | meta l4proto $icmp_protos ct state {established, related} counter accept |
| 51 | meta l4proto $icmp_protos oifname bifrost limit name lim_icmp counter drop | ||
| 52 | meta l4proto $icmp_protos oifname bifrost counter accept | ||
| 51 | 53 | ||
| 52 | 54 | ||
| 53 | oifname bifrost counter accept | 55 | oifname bifrost counter accept |