1 files changed, 4 insertions, 7 deletions
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index 8b143178..0c421beb 100644
--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -4,17 +4,15 @@ table inet filter {
    policy drop
-    iifname eno1 counter accept
+    iifname eno1 oifname dsl counter accept
+    iifname dsl oifname eno1 ct state {established, related} counter accept
-    ct state {established, related} counter accept
    meta l4proto ipv6-icmp counter accept
    meta l4proto icmp counter accept
    meta l4proto igmp counter accept
-    log prefix "drop forward: "
+    log prefix "drop forward: " counter
-    counter
  }
  chain input {
@@ -36,8 +34,7 @@ table inet filter {
    meta l4proto icmp counter accept
    meta l4proto igmp counter accept
-    log prefix "drop input: "
+    log prefix "drop input: " counter
-    counter
  }
  chain output {

diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft index 8b143178..0c421beb 100644 --- a/hosts/vidhar/ruleset.nft +++ b/hosts/vidhar/ruleset.nft
@@ -4,17 +4,15 @@ table inet filter {
4	policy drop	4	policy drop
5		5
6		6
7	iifname eno1 counter accept	7	iifname eno1 oifname dsl counter accept
8		8	iifname dsl oifname eno1 ct state {established, related} counter accept
9	ct state {established, related} counter accept
10		9
11	meta l4proto ipv6-icmp counter accept	10	meta l4proto ipv6-icmp counter accept
12	meta l4proto icmp counter accept	11	meta l4proto icmp counter accept
13	meta l4proto igmp counter accept	12	meta l4proto igmp counter accept
14		13
15		14
16	log prefix "drop forward: "	15	log prefix "drop forward: " counter
17	counter
18	}	16	}
19		17
20	chain input {	18	chain input {
@@ -36,8 +34,7 @@ table inet filter {
36	meta l4proto icmp counter accept	34	meta l4proto icmp counter accept
37	meta l4proto igmp counter accept	35	meta l4proto igmp counter accept
38		36
39	log prefix "drop input: "	37	log prefix "drop input: " counter
40	counter
41	}	38	}
42		39
43	chain output {	40	chain output {