From cd4f0b1541af8043c1ee9b5debab67de0904892b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 5 May 2022 15:46:25 +0200 Subject: surtr: ... --- hosts/surtr/ruleset.nft | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'hosts') diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index e5fcf720..2e8dab54 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft @@ -78,6 +78,8 @@ table inet filter { counter http-rx {} counter stun-rx {} counter turn-rx {} + counter smtp-rx {} + counter submissions-rx {} counter established-rx {} @@ -101,6 +103,8 @@ table inet filter { counter http-tx {} counter stun-tx {} counter turn-tx {} + counter smtp-tx {} + counter submissions-rx {} counter tx {} @@ -166,6 +170,9 @@ table inet filter { udp dport {3478, 5349} counter name stun-rx accept udp dport 49000-50000 counter name turn-rx accept + # tcp dport 25 counter name smtp-rx accept + tcp dport 465 counter name submissions-rx accept + ct state {established, related} counter name established-rx accept @@ -205,6 +212,9 @@ table inet filter { udp sport {3478, 5349} counter name stun-tx accept udp sport 49000-50000 counter name turn-tx accept + tcp sport 25 counter name smtp-tx accept + tcp sport 465 counter name submissions-tx accept + counter name tx } -- cgit v1.2.3