bifrost: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-02-06 17:19:58 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-02-06 17:19:58 +0100
commit: 67657a453e654811ed5adf45a4c7aab32dc30274 (patch)
tree: b94f3378117ca2b6bd2d43c8ef106855e52e6462 /hosts/vidhar/network/ruleset.nft
parent: 93f07176317920ee881773519ee342f9c62ab9c9 (diff)
download: nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar
nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.gz
nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.bz2
nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.xz
nixos-67657a453e654811ed5adf45a4c7aab32dc30274.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index 4914777d..caa4863b 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -162,8 +162,8 @@ table inet filter {
    iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop
    meta l4proto $icmp_protos counter name icmp-rx accept
-    iifname { lan, mgmt, dsl, yggdrasil } tcp dport 22 counter name ssh-rx accept
+    iifname { lan, mgmt, dsl, yggdrasil, bifrost } tcp dport 22 counter name ssh-rx accept
-    iifname { lan, mgmt, dsl, yggdrasil } udp dport 60001-61000 counter name mosh-rx accept
+    iifname { lan, mgmt, dsl, yggdrasil, bifrost } udp dport 60001-61000 counter name mosh-rx accept
    iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
    iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-02-06 17:19:58 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-02-06 17:19:58 +0100
commit	67657a453e654811ed5adf45a4c7aab32dc30274 (patch)
tree	b94f3378117ca2b6bd2d43c8ef106855e52e6462 /hosts/vidhar/network/ruleset.nft
parent	93f07176317920ee881773519ee342f9c62ab9c9 (diff)
download	nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.gz nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.bz2 nixos-67657a453e654811ed5adf45a4c7aab32dc30274.tar.xz nixos-67657a453e654811ed5adf45a4c7aab32dc30274.zip

diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft index 4914777d..caa4863b 100644 --- a/hosts/vidhar/network/ruleset.nft +++ b/hosts/vidhar/network/ruleset.nft
@@ -162,8 +162,8 @@ table inet filter {
162	iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop	162	iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop
163	meta l4proto $icmp_protos counter name icmp-rx accept	163	meta l4proto $icmp_protos counter name icmp-rx accept
164		164
165	iifname { lan, mgmt, dsl, yggdrasil } tcp dport 22 counter name ssh-rx accept	165	iifname { lan, mgmt, dsl, yggdrasil, bifrost } tcp dport 22 counter name ssh-rx accept
166	iifname { lan, mgmt, dsl, yggdrasil } udp dport 60001-61000 counter name mosh-rx accept	166	iifname { lan, mgmt, dsl, yggdrasil, bifrost } udp dport 60001-61000 counter name mosh-rx accept
167		167
168	iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept	168	iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
169	iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept	169	iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept