From f4c2da95af41382a8c68c109a0e263e3046e9751 Mon Sep 17 00:00:00 2001
From: Paul Lecuq
Date: Sat, 10 Jun 2023 10:08:50 +0200
Subject: [PATCH] updated nftables state

---
 states/nftables/templates/rules.nft.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/states/nftables/templates/rules.nft.j2 b/states/nftables/templates/rules.nft.j2
index 71881d4..87ba23c 100644
--- a/states/nftables/templates/rules.nft.j2
+++ b/states/nftables/templates/rules.nft.j2
@@ -11,6 +11,8 @@ add chain ip filter OUTPUT { type filter hook output priority 0; policy accept;
 add chain ip filter DOCKER
 add rule ip filter INPUT iifname lo counter accept
 add rule ip filter INPUT iifname tun* counter accept
+add rule ip filter INPUT iifname br* counter accept
+add rule ip filter INPUT iifname veth* counter accept
 add rule ip filter INPUT ct state related,established counter accept
 add rule ip filter INPUT ip protocol icmp counter accept
 {%- for network in net.ip_networks+net.optional_ip_networks %}
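Review bot: The two added rules accept every packet arriving on any interface whose name begins with `br` or `veth`, ahead of the per-network rules generated by the `for network in ...` loop that follows, so anything attached to a bridge (containers, VMs, or a physical NIC enslaved to a `br0`-style bridge) can reach every service listening on the host. Consider naming the intended bridges and limiting the accept to the ports that traffic actually needs, e.g. `add rule ip filter INPUT iifname docker0 tcp dport { PORTS } counter accept` with PORTS as a placeholder, ideally driven from pillar data the way the network loop is. The `veth*` rule may also be redundant: for veth ports enslaved to a bridge the IP input hook presumably reports the bridge as `iifname`, so check its counter before keeping it. A short comment above the rules stating why bridge traffic is trusted would also help later reviewers.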