From ba86ae504d8ea9796e43c1b061aa070761cd1323 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Mon, 21 Nov 2022 18:58:56 +0100 Subject: pgbackrest --- hosts/surtr/ruleset.nft | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'hosts/surtr/ruleset.nft') diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index 51fcd498..4993b6b7 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft @@ -82,6 +82,7 @@ table inet filter { counter submissions-rx {} counter imaps-rx {} counter managesieve-rx {} + counter pgbackrest-rx {} counter established-rx {} @@ -109,6 +110,7 @@ table inet filter { counter submissions-tx {} counter imaps-tx {} counter managesieve-tx {} + counter pgbackrest-tx {} counter tx {} @@ -149,7 +151,7 @@ table inet filter { ct state invalid log level debug prefix "drop invalid input: " counter name invalid-rx drop - + iifname lo counter name rx-lo accept iif != lo ip daddr 127.0.0.1/8 counter name invalid-local4-rx reject @@ -178,6 +180,7 @@ table inet filter { tcp dport 465 counter name submissions-rx accept tcp dport 993 counter name imaps-rx accept tcp dport 4190 counter name managesieve-rx accept + iifname yggdrasil tcp dport 8432 counter name pgbackrest-rx accept ct state {established, related} counter name established-rx accept @@ -222,7 +225,8 @@ table inet filter { tcp sport 465 counter name submissions-tx accept tcp sport 993 counter name imaps-tx accept tcp sport 4190 counter name managesieve-tx accept - + tcp sport 8432 counter name pgbackrest-tx accept + counter name tx } -- cgit v1.2.3
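Review bot: The new input rule `iifname yggdrasil tcp dport 8432 counter name pgbackrest-rx accept` limits the pgBackRest port by interface name only, so every peer able to send traffic over `yggdrasil` can open a connection to the listener. If the backup repository host has a stable address, a source match (`ip saddr` or `ip6 saddr` with that host's address) placed before `tcp dport 8432` would mean access no longer rests solely on the service's own authentication. A one-line comment such as `# pgBackRest TLS server (default port 8432), backup repo host only` would also record why the port is open. The input chain starts and ends outside the hunk, so earlier rules that might already narrow this traffic are not visible here.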
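Review bot: The output rule `tcp sport 8432 counter name pgbackrest-tx accept` is not bound to an interface, although the input rule it pairs with is restricted to `iifname yggdrasil`; as written it accepts and counts any outbound TCP segment with source port 8432 on every interface. I would change it to `oifname yggdrasil tcp sport 8432 counter name pgbackrest-tx accept`, so that `pgbackrest-tx` mirrors `pgbackrest-rx` and the rule cannot pass traffic outside the backup path. The neighbouring tx rules (465, 993, 4190) are also sport-only, but their input counterparts accept from any interface, so the mismatch is specific to this rule. The output chain's policy and the rest of its body are outside the hunk, so the practical effect depends on them.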