diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-03-14 17:00:42 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-03-14 17:00:42 +0100 |
| commit | 3d3f8c4721fd0c978243d365d7ac8eaea1124b17 (patch) | |
| tree | 2e60e6cd5d3990ff51e59133c09678f877e4d934 /installer | |
| parent | 67ad77720622605af0ec366fb068d9c9da320231 (diff) | |
| download | nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.gz nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.bz2 nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.tar.xz nixos-3d3f8c4721fd0c978243d365d7ac8eaea1124b17.zip | |
installer: allow input
Diffstat (limited to 'installer')
| -rw-r--r-- | installer/ruleset.nft | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/installer/ruleset.nft b/installer/ruleset.nft index 4de54dd7..803ce9fd 100644 --- a/installer/ruleset.nft +++ b/installer/ruleset.nft | |||
| @@ -73,6 +73,9 @@ table inet filter { | |||
| 73 | udp dport 60000-61000 counter accept | 73 | udp dport 60000-61000 counter accept |
| 74 | 74 | ||
| 75 | 75 | ||
| 76 | ct state {established, related} counter name established-rx accept | ||
| 77 | |||
| 78 | |||
| 76 | limit name lim_reject log level debug prefix "drop input: " counter drop | 79 | limit name lim_reject log level debug prefix "drop input: " counter drop |
| 77 | log level debug prefix "reject input: " counter | 80 | log level debug prefix "reject input: " counter |
| 78 | meta l4proto tcp ct state new counter reject with tcp reset | 81 | meta l4proto tcp ct state new counter reject with tcp reset |