summaryrefslogtreecommitdiff
path: root/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'hosts')
-rw-r--r--hosts/vidhar/network/ruleset.nft7
1 files changed, 7 insertions, 0 deletions
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index 5b68b773..4d829355 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -85,6 +85,7 @@ table inet filter {
85 counter dhcp-rx {} 85 counter dhcp-rx {}
86 counter samba-rx {} 86 counter samba-rx {}
87 counter http-rx {} 87 counter http-rx {}
88 counter tftp-rx {}
88 89
89 counter established-rx {} 90 counter established-rx {}
90 91
@@ -110,6 +111,7 @@ table inet filter {
110 counter dhcp-tx {} 111 counter dhcp-tx {}
111 counter samba-tx {} 112 counter samba-tx {}
112 counter http-tx {} 113 counter http-tx {}
114 counter tftp-tx {}
113 115
114 counter tx {} 116 counter tx {}
115 117
@@ -180,6 +182,8 @@ table inet filter {
180 iifname lan tcp dport { 445, 139, 5357 } counter name samba-rx accept 182 iifname lan tcp dport { 445, 139, 5357 } counter name samba-rx accept
181 183
182 iifname yggdrasil tcp dport 80 counter name http-rx accept 184 iifname yggdrasil tcp dport 80 counter name http-rx accept
185
186 iifname mgmt udp dport 69 counter name tftp-rx accept
183 187
184 ct state {established, related} counter name established-rx accept 188 ct state {established, related} counter name established-rx accept
185 189
@@ -223,6 +227,9 @@ table inet filter {
223 227
224 tcp sport 80 counter name http-tx accept 228 tcp sport 80 counter name http-tx accept
225 229
230 udp sport 69 counter name tftp-tx accept
231 iifname mgmt udp dport 69 counter name tftp-tx accept
232
226 233
227 counter name tx 234 counter name tx
228 } 235 }