paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated nftables state

Browse Source
This commit is contained in:
Paul 2023-03-31 17:40:29 +02:00
parent 5d8819eca7
commit bec2c40b56
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
states/nftables/templates/rules.nft.j2
View File

@ -13,7 +13,7 @@ add rule ip filter INPUT iifname lo counter accept
add rule ip filter INPUT iifname tun* counter accept
add rule ip filter INPUT ct state related,established counter accept
add rule ip filter INPUT ip protocol icmp counter accept
{%- for network in net.ip_networks %}
{%- for network in net.ip_networks+net.optional_ip_networks %}
{%- if '.' in network %}
add rule ip filter INPUT ip saddr {{ network }} ct state established,new counter accept
{%- endif %}