Diffstat (limited to 'hosts/vidhar')
-rw-r--r-- | hosts/vidhar/network/ruleset.nft | 6 |
1 files changed, 3 insertions, 3 deletions
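--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -162,8 +162,8 @@ table inet filter {
 iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop
 meta l4proto $icmp_protos counter name icmp-rx accept
 
-iifname { lan, mgmt, dsl } tcp dport 22 counter name ssh-rx accept
-iifname { lan, mgmt, dsl } udp dport 60001-61000 counter name mosh-rx accept
+iifname { lan, mgmt, dsl, yggdrasil } tcp dport 22 counter name ssh-rx accept
+iifname { lan, mgmt, dsl, yggdrasil } udp dport 60001-61000 counter name mosh-rx accept
 
 iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
 iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
@@ -176,7 +176,7 @@ table inet filter {
 
 iifname mgmt udp dport 123 counter name ntp-rx accept
 
-iifname {lan, mgmt} udp dport 67 counter name dhcp-rx accept
+iifname { lan, mgmt, dmz01 } udp dport 67 counter name dhcp-rx accept
 
 iifname lan udp dport { 137, 138, 3702 } counter name samba-rx accept
 iifname lan tcp dport { 445, 139, 5357 } counter name samba-rx accept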
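Review bot: The SSH and mosh rules at new lines 165–166 now accept traffic from every source on `yggdrasil`, matching on interface and port only; if that interface is a Yggdrasil overlay (inferred from the name), any node on the mesh can reach the ports, not just known peers. Since `dsl` was already in the set this may be an accepted exposure, but splitting the overlay into its own rule with a source match, e.g. `iifname yggdrasil ip6 saddr @<admin-peers-set> tcp dport 22 counter name ssh-rx accept` (the set name is a placeholder), would restrict it to known addresses and give it a separate place for a comment. The interface set is also repeated verbatim on both lines, so a `define` alongside the existing `$icmp_protos` would keep SSH and mosh in step. The enclosing chain begins and ends outside both hunks, so an earlier rule may already filter this traffic.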