From e7bd46db488f29b593a2a4b6e0ce6fdf4d92f25b Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 1 Jan 2022 17:05:21 +0100
Subject: ...

---
 hosts/vidhar/prometheus/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix
index 863b77fe..cc63b57d 100644
--- a/hosts/vidhar/prometheus/default.nix
+++ b/hosts/vidhar/prometheus/default.nix
@@ -231,7 +231,7 @@ in {
         RestrictSUIDSGID = true;
         SystemCallArchitectures = "native";
         UMask = "0077";
-        AmbientCapabilities = [ "CAP_NET_ADMIN" ];
+        AmbientCapabilities = [ "CAP_NET_RAW" "CAP_NET_ADMIN" ];
 
         Type = "simple";
         ExecStart = "${pkgs.nftables-prometheus-exporter}/bin/nftables-prometheus-exporter";
-- 
cgit v1.2.3