From 3f8919adb786778c48ee6dc93a4b835414fb2758 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 8 Dec 2021 18:09:53 +0100 Subject: vidhar: nftables... --- hosts/vidhar/ruleset.nft | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft index 8b143178..0c421beb 100644 --- a/hosts/vidhar/ruleset.nft +++ b/hosts/vidhar/ruleset.nft @@ -4,17 +4,15 @@ table inet filter { policy drop - iifname eno1 counter accept - - ct state {established, related} counter accept + iifname eno1 oifname dsl counter accept + iifname dsl oifname eno1 ct state {established, related} counter accept meta l4proto ipv6-icmp counter accept meta l4proto icmp counter accept meta l4proto igmp counter accept - log prefix "drop forward: " - counter + log prefix "drop forward: " counter } chain input { @@ -36,8 +34,7 @@ table inet filter { meta l4proto icmp counter accept meta l4proto igmp counter accept - log prefix "drop input: " - counter + log prefix "drop input: " counter } chain output { -- cgit v1.2.3