From 4800e3a8c7e9f6bbb668c50a29f689a83de223c7 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Mon, 27 Feb 2023 15:01:09 +0100 Subject: ... --- hosts/sif/ruleset.nft | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'hosts/sif') diff --git a/hosts/sif/ruleset.nft b/hosts/sif/ruleset.nft index 2a1467b8..e2ac45c6 100644 --- a/hosts/sif/ruleset.nft +++ b/hosts/sif/ruleset.nft @@ -62,6 +62,7 @@ table inet filter { counter wg-rx {} counter yggdrasil-gre-rx {} counter quickserve-rx {} + counter ausweisapp2-rx {} counter established-rx {} @@ -115,7 +116,7 @@ table inet filter { ct state invalid log level debug prefix "drop invalid input: " counter name invalid-rx drop - + iifname lo counter name rx-lo accept iif != lo ip daddr 127.0.0.1/8 counter name invalid-local4-rx reject @@ -128,6 +129,7 @@ table inet filter { udp dport 60000-61000 counter name mosh-rx accept tcp dport 8000 counter name quickserve-rx accept + udp dport 24727 counter name ausweisapp2-rx accept udp dport 51820-51822 counter name wg-rx accept iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-rx accept @@ -206,4 +208,4 @@ table ip mss_clamp { iifname virbr0 oifname != virbr0 tcp flags & (syn|rst) == syn counter name libvirt-mss-clamp tcp option maxseg size set rt mtu } -} \ No newline at end of file +} -- cgit v1.2.3
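Review bot: In the third hunk (`@@ -128,6 +129,7 @@`), the new `udp dport 24727 counter name ausweisapp2-rx accept` rule matches on the port alone, so in this `inet` table it admits those datagrams on every interface and from any IPv4 or IPv6 source. The counter name suggests this is for AusweisApp2's smartphone card-reader discovery, which presumably only needs to be reachable from the local network; if so, scope the rule, for example `iifname "<LAN_IFACE>" udp dport 24727 counter name ausweisapp2-rx accept` (placeholder interface name), and append a `comment "AusweisApp2 remote reader discovery"` so the reason for the open port stays with the rule. The neighbouring `tcp dport 8000` rule is equally unscoped, so this follows the file's existing pattern rather than introducing a new one. The enclosing chain begins and ends outside the hunk, so its hook and policy cannot be checked from here.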