authorGregor Kleen <gkleen@yggdrasil.li>2022-01-08 00:33:07 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-01-08 00:33:07 +0100
commit5bc987ff56d78201574c03f9bd4d3411d6aa56b9 (patch)
tree5aeeab7f8a0827557089021183dec9b89d6ac438 /hosts/vidhar/network
parentc89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595 (diff)
vidhar: ...
Diffstat (limited to 'hosts/vidhar/network')
-rw-r--r--hosts/vidhar/network/ruleset.nft6
1 files changed, 3 insertions, 3 deletions
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index f6a2175c..fb04e449 100644
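--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -162,8 +162,8 @@ table inet filter {
 iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop
 meta l4proto $icmp_protos counter name icmp-rx accept
 
-iifname { lan, mgmt, dsl } tcp dport 22 counter name ssh-rx accept
-iifname { lan, mgmt, dsl } udp dport 60001-61000 counter name mosh-rx accept
+iifname { lan, mgmt, dsl, yggdrasil } tcp dport 22 counter name ssh-rx accept
+iifname { lan, mgmt, dsl, yggdrasil } udp dport 60001-61000 counter name mosh-rx accept
 
 iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
 iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
@@ -176,7 +176,7 @@ table inet filter {
 
 iifname mgmt udp dport 123 counter name ntp-rx accept
 
-iifname {lan, mgmt} udp dport 67 counter name dhcp-rx accept
+iifname { lan, mgmt, dmz01 } udp dport 67 counter name dhcp-rx accept
 
 iifname lan udp dport { 137, 138, 3702 } counter name samba-rx accept
 iifname lan tcp dport { 445, 139, 5357 } counter name samba-rx accept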
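Review bot: The ssh and mosh accept rules (new lines 165–166) now admit traffic arriving on `yggdrasil` with no rate limit or source-address match visible in this hunk, and the commit title ("vidhar: ...") gives no reason for the wider exposure. If `yggdrasil` is an overlay or tunnel interface whose peers are not all under your control (an inference from the name, not shown here), these rules should be reviewed like the existing `dsl` exposure, which relies entirely on sshd hardening. A comment above the pair would record the intent, for example `# yggdrasil: remote admin over the overlay; key-only ssh, see sshd config`. The second hunk likewise lets `dmz01` reach the DHCP service on udp 67; it is worth confirming that the DHCP daemon is meant to serve that segment, and adding a comment such as `# dmz01 hosts lease addresses from this box`. The enclosing chain starts and ends outside both hunks, so any earlier drop or limit rules that might already cover these interfaces are not visible here.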