diff options
Diffstat (limited to 'hosts/surtr/ruleset.nft')
| -rw-r--r-- | hosts/surtr/ruleset.nft | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index ee72614f..4993b6b7 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft | |||
| @@ -171,7 +171,6 @@ table inet filter { | |||
| 171 | udp dport 53 counter name dns-rx accept | 171 | udp dport 53 counter name dns-rx accept |
| 172 | 172 | ||
| 173 | tcp dport {80, 443, 8448} counter name http-rx accept | 173 | tcp dport {80, 443, 8448} counter name http-rx accept |
| 174 | udp dport {443, 8448} counter name http-rx accept | ||
| 175 | 174 | ||
| 176 | tcp dport {3478, 5349} counter name stun-rx accept | 175 | tcp dport {3478, 5349} counter name stun-rx accept |
| 177 | udp dport {3478, 5349} counter name stun-rx accept | 176 | udp dport {3478, 5349} counter name stun-rx accept |
| @@ -216,8 +215,7 @@ table inet filter { | |||
| 216 | meta protocol ip6 udp sport {51821, 51822} counter name wg-tx | 215 | meta protocol ip6 udp sport {51821, 51822} counter name wg-tx |
| 217 | iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx | 216 | iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx |
| 218 | 217 | ||
| 219 | tcp sport {80, 443, 8448} counter name http-tx accept | 218 | tcp sport {80,443,8448} counter name http-tx accept |
| 220 | udp sport {443, 8448} counter name http-tx accept | ||
| 221 | 219 | ||
| 222 | tcp sport {3478, 5349} counter name stun-tx accept | 220 | tcp sport {3478, 5349} counter name stun-tx accept |
| 223 | udp sport {3478, 5349} counter name stun-tx accept | 221 | udp sport {3478, 5349} counter name stun-tx accept |