immich

1 files changed, 7 insertions, 0 deletions

diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index 9f519302..10fd4c51 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -1,4 +1,5 @@
 define icmp_protos = { ipv6-icmp, icmp, igmp }
+define bifrost_surtr = 2a03:4000:52:ada:4::/128
 
 table arp filter {
   limit lim_arp_local {
@@ -90,6 +91,7 @@ table inet filter {
   counter http-rx {}
   counter tftp-rx {}
   counter pgbackrest-rx {}
+  counter immich-rx {}
 
   counter established-rx {}
 
@@ -118,6 +120,7 @@ table inet filter {
   counter http-tx {}
   counter tftp-tx {}
   counter pgbackrest-tx {}
+  counter immich-tx {}
 
   counter tx {}
 
@@ -193,6 +196,8 @@ table inet filter {
 
     tcp dport 8432 counter name pgbackrest-rx accept
 
+    iifname bifrost tcp dport 2283 ip6 saddr $bifrost_surtr counter name immich-rx accept
+
     ct state { established, related } counter name established-rx accept
 
 
@@ -240,6 +245,8 @@ table inet filter {
 
     tcp sport 8432 counter name pgbackrest-tx accept
 
+    iifname bifrost tcp sport 2283 ip6 daddr $bifrost_surtr counter name immich-tx accept
+
 
     counter name tx
   }