From 5bc987ff56d78201574c03f9bd4d3411d6aa56b9 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 8 Jan 2022 00:33:07 +0100
Subject: vidhar: ...

---
 hosts/vidhar/network/ruleset.nft | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index f6a2175c..fb04e449 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -162,8 +162,8 @@ table inet filter {
     iifname != dsl meta l4proto $icmp_protos limit name lim_icmp_local counter name icmp-ratelimit-local-rx drop
     meta l4proto $icmp_protos counter name icmp-rx accept
 
-    iifname { lan, mgmt, dsl } tcp dport 22 counter name ssh-rx accept
-    iifname { lan, mgmt, dsl } udp dport 60001-61000 counter name mosh-rx accept
+    iifname { lan, mgmt, dsl, yggdrasil } tcp dport 22 counter name ssh-rx accept
+    iifname { lan, mgmt, dsl, yggdrasil } udp dport 60001-61000 counter name mosh-rx accept
 
     iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
     iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
@@ -176,7 +176,7 @@ table inet filter {
 
     iifname mgmt udp dport 123 counter name ntp-rx accept
 
-    iifname {lan, mgmt} udp dport 67 counter name dhcp-rx accept
+    iifname { lan, mgmt, dmz01 } udp dport 67 counter name dhcp-rx accept
 
     iifname lan udp dport { 137, 138, 3702 } counter name samba-rx accept
     iifname lan tcp dport { 445, 139, 5357 } counter name samba-rx accept
-- 
cgit v1.2.3