vidhar: nftables...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-08 19:14:21 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-08 19:14:21 +0100
commit: 1bbe055b5a8572bf5b719e7476f6e15ad2a35de1 (patch)
tree: 8e5c44f38d1aa923a4c8efa485bbacf4d69539bb /hosts/vidhar
parent: 96727fdd99f164e4f8d1afb4b24ddd11363f29d9 (diff)
download: nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar
nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.gz
nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.bz2
nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.xz
nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index a4256e83..ae3bb694 100644
--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -36,10 +36,10 @@ table inet filter {
    ct state {established, related} counter accept
    tcp dport 22 counter accept
-    ip version 4 udp dport 51820 counter accept
+    meta protocol ip udp dport 51820 counter accept
    udp dport 60000-61000 counter accept
-    iifname "dsl" ip6 version 6 udp dport 546 udp sport 547 counter accept
+    iifname "dsl" meta protocol ip6 udp dport 546 udp sport 547 counter accept
    meta l4proto ipv6-icmp counter accept
    meta l4proto icmp counter accept
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-08 19:14:21 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-08 19:14:21 +0100
commit	1bbe055b5a8572bf5b719e7476f6e15ad2a35de1 (patch)
tree	8e5c44f38d1aa923a4c8efa485bbacf4d69539bb /hosts/vidhar
parent	96727fdd99f164e4f8d1afb4b24ddd11363f29d9 (diff)
download	nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.gz nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.bz2 nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.tar.xz nixos-1bbe055b5a8572bf5b719e7476f6e15ad2a35de1.zip

diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft index a4256e83..ae3bb694 100644 --- a/hosts/vidhar/ruleset.nft +++ b/hosts/vidhar/ruleset.nft
@@ -36,10 +36,10 @@ table inet filter {
36	ct state {established, related} counter accept	36	ct state {established, related} counter accept
37		37
38	tcp dport 22 counter accept	38	tcp dport 22 counter accept
39	ip version 4 udp dport 51820 counter accept	39	meta protocol ip udp dport 51820 counter accept
40	udp dport 60000-61000 counter accept	40	udp dport 60000-61000 counter accept
41		41
42	iifname "dsl" ip6 version 6 udp dport 546 udp sport 547 counter accept	42	iifname "dsl" meta protocol ip6 udp dport 546 udp sport 547 counter accept
43		43
44	meta l4proto ipv6-icmp counter accept	44	meta l4proto ipv6-icmp counter accept
45	meta l4proto icmp counter accept	45	meta l4proto icmp counter accept