vidhar: netboot installer

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-03-12 18:40:38 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-03-12 18:40:38 +0100
commit: ae278d745dd8eca94374b27c1fa9a977e54c23c2 (patch)
tree: 934702c425a46496b046579b6f3f4bacada36e4a /hosts/vidhar/network/ruleset.nft
parent: 1f4ff029be789298f7732d6f2a153a234cbb5267 (diff)
download: nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar
nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.gz
nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.bz2
nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.xz
nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index f2b1eda0..0f591f24 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -183,7 +183,7 @@ table inet filter {
    iifname yggdrasil tcp dport { 80, 443 } counter name http-rx accept
    
-    iifname mgmt udp dport 69 counter name tftp-rx accept
+    iifname { lan, mgmt } udp dport 69 counter name tftp-rx accept
    ct state {established, related} counter name established-rx accept
@@ -228,7 +228,7 @@ table inet filter {
    tcp sport 80 counter name http-tx accept
    udp sport 69 counter name tftp-tx accept
-    iifname mgmt udp dport 69 counter name tftp-tx accept
+    udp dport 69 counter name tftp-tx accept
    counter name tx
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-03-12 18:40:38 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-03-12 18:40:38 +0100
commit	ae278d745dd8eca94374b27c1fa9a977e54c23c2 (patch)
tree	934702c425a46496b046579b6f3f4bacada36e4a /hosts/vidhar/network/ruleset.nft
parent	1f4ff029be789298f7732d6f2a153a234cbb5267 (diff)
download	nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.gz nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.bz2 nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.tar.xz nixos-ae278d745dd8eca94374b27c1fa9a977e54c23c2.zip

diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft index f2b1eda0..0f591f24 100644 --- a/hosts/vidhar/network/ruleset.nft +++ b/hosts/vidhar/network/ruleset.nft
@@ -183,7 +183,7 @@ table inet filter {
183		183
184	iifname yggdrasil tcp dport { 80, 443 } counter name http-rx accept	184	iifname yggdrasil tcp dport { 80, 443 } counter name http-rx accept
185		185
186	iifname mgmt udp dport 69 counter name tftp-rx accept	186	iifname { lan, mgmt } udp dport 69 counter name tftp-rx accept
187		187
188	ct state {established, related} counter name established-rx accept	188	ct state {established, related} counter name established-rx accept
189		189
@@ -228,7 +228,7 @@ table inet filter {
228	tcp sport 80 counter name http-tx accept	228	tcp sport 80 counter name http-tx accept
229		229
230	udp sport 69 counter name tftp-tx accept	230	udp sport 69 counter name tftp-tx accept
231	iifname mgmt udp dport 69 counter name tftp-tx accept	231	udp dport 69 counter name tftp-tx accept
232		232
233		233
234	counter name tx	234	counter name tx