vidhar: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-26 10:27:14 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-26 10:27:14 +0100
commit: e2dbaeb8637b3472740f066a1be0077544852ba3 (patch)
tree: 9f873f6b8ae2415bb287e3a3d00d704116dc30af /hosts/vidhar
parent: 1b5a0243f1e70fb8925dd5d1e0b872b89a2f029c (diff)
download: nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar
nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.gz
nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.bz2
nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.xz
nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index ba558877..520bfd6a 100644
--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -91,6 +91,9 @@ table inet filter {
    tcp dport 22 counter accept
    udp dport 60001-61000 counter accept
+    iifname eno1 tcp dport 53 counter accept
+    iifname eno1 udp dport 53 counter accept
    meta protocol ip udp dport 51820 counter accept
    meta protocol ip6 udp dport 51821 counter accept
    iifname "yggdrasil-wg-*" meta l4proto gre counter accept
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-26 10:27:14 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-26 10:27:14 +0100
commit	e2dbaeb8637b3472740f066a1be0077544852ba3 (patch)
tree	9f873f6b8ae2415bb287e3a3d00d704116dc30af /hosts/vidhar
parent	1b5a0243f1e70fb8925dd5d1e0b872b89a2f029c (diff)
download	nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.gz nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.bz2 nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.tar.xz nixos-e2dbaeb8637b3472740f066a1be0077544852ba3.zip

diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft index ba558877..520bfd6a 100644 --- a/hosts/vidhar/ruleset.nft +++ b/hosts/vidhar/ruleset.nft
@@ -91,6 +91,9 @@ table inet filter {
91	tcp dport 22 counter accept	91	tcp dport 22 counter accept
92	udp dport 60001-61000 counter accept	92	udp dport 60001-61000 counter accept
93		93
		94	iifname eno1 tcp dport 53 counter accept
		95	iifname eno1 udp dport 53 counter accept
		96
94	meta protocol ip udp dport 51820 counter accept	97	meta protocol ip udp dport 51820 counter accept
95	meta protocol ip6 udp dport 51821 counter accept	98	meta protocol ip6 udp dport 51821 counter accept
96	iifname "yggdrasil-wg-*" meta l4proto gre counter accept	99	iifname "yggdrasil-wg-*" meta l4proto gre counter accept