Diffstat (limited to 'hosts/vidhar/ruleset.nft')
-rw-r--r--hosts/vidhar/ruleset.nft6
1 files changed, 6 insertions, 0 deletions
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index fec7b536..85094647 100644
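--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -9,6 +9,9 @@ table inet filter {
 policy drop
 
 
+ct state invalid counter drop
+
+
 iifname eno1 oifname dsl counter accept
 iifname dsl oifname eno1 ct state {established, related} counter accept
 
@@ -31,6 +34,9 @@ table inet filter {
 policy drop
 
 
+ct state invalid counter drop
+
+
 iifname lo counter accept
 iif != lo ip daddr 127.0.0.1/8 counter reject
 iif != lo ip6 daddr ::1/128 counter reject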
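Review bot: In the second hunk the new `ct state invalid counter drop` sits above `iifname lo counter accept`, so loopback traffic is now also subject to the conntrack-invalid drop; if that is not intended, placing the rule directly below the loopback accept keeps local traffic out of it. Both added rules are uncommented and use an anonymous `counter`, so a one-line comment such as `# drop packets conntrack cannot associate with a flow, before any accept rule` would record why the rule must stay first. If these drops ever need investigating, a separate rate-limited log rule ahead of the drop would give more than a bare packet count. Both chains begin and end outside the hunks, so rules further down (ICMPv6 handling in particular) are not visible here and should be checked against the new early drop.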