diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-16 14:28:22 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-16 14:28:22 +0100 |
commit | 740f758619d3c9172e74f3b5076d124254a1d1bf (patch) | |
tree | f199935a6080c8021573c7562e289c9c6d85dc06 /hosts/surtr | |
parent | b54837a33e133cbbfb6c1efaac3a30ecd8094492 (diff) | |
download | nixos-740f758619d3c9172e74f3b5076d124254a1d1bf.tar nixos-740f758619d3c9172e74f3b5076d124254a1d1bf.tar.gz nixos-740f758619d3c9172e74f3b5076d124254a1d1bf.tar.bz2 nixos-740f758619d3c9172e74f3b5076d124254a1d1bf.tar.xz nixos-740f758619d3c9172e74f3b5076d124254a1d1bf.zip |
surtr: nftables...
Diffstat (limited to 'hosts/surtr')
-rw-r--r-- | hosts/surtr/ruleset.nft | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index b57434a6..9a1bf95a 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
@@ -44,8 +44,8 @@ table inet filter { | |||
44 | 44 | ||
45 | iifname lo counter accept | 45 | iifname lo counter accept |
46 | 46 | ||
47 | meta l4proto $icmp_protos iifname yggdrasil limit name lim_icmp counter drop | 47 | meta l4proto $icmp_protos iifname yggdrasil oifname ens3 limit name lim_icmp counter drop |
48 | meta l4proto $icmp_protos iifname yggdrasil counter accept | 48 | meta l4proto $icmp_protos iifname yggdrasil oifname ens3 counter accept |
49 | meta l4proto $icmp_protos ct state {established, related} limit name lim_icmp counter drop | 49 | meta l4proto $icmp_protos ct state {established, related} limit name lim_icmp counter drop |
50 | meta l4proto $icmp_protos ct state {established, related} counter accept | 50 | meta l4proto $icmp_protos ct state {established, related} counter accept |
51 | 51 | ||