From 79e80221cd74b4055141699b59fcb51ecbce5601 Mon Sep 17 00:00:00 2001 From: Patrick Spek Date: Wed, 28 Feb 2024 11:35:01 +0100 Subject: Rename fw-nftables to nftables --- defaults | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) (limited to 'defaults') diff --git a/defaults b/defaults index 7beae20..6145aab 100644 --- a/defaults +++ b/defaults @@ -9,24 +9,26 @@ dns.upstream.3=2a03:94e0:1804::1 dns.upstream.4=2001:470:71:6dc::53 etc-nixos.path=/etc/nixos etc-portage.path=/etc/portage -fw-nftables.input.icmp.ipv4.policy=accept -fw-nftables.input.icmp.ipv4.rate=2/second -fw-nftables.input.icmp.ipv6.policy=accept -fw-nftables.input.icmp.ipv6.rate=2/second -fw-nftables.input.interfaces.lo.policy=accept -fw-nftables.input.policy=drop -fw-nftables.input.rules.ssh.policy=accept -fw-nftables.input.rules.ssh.port=22 -fw-nftables.input.rules.ssh.proto=tcp -fw-nftables.input.rules.mosh.policy=accept -fw-nftables.input.rules.mosh.port=60000-61000 -fw-nftables.input.rules.mosh.proto=udp -fw-nftables.input.rules.wireguard.policy=accept -fw-nftables.input.rules.wireguard.port=51820 -fw-nftables.input.rules.wireguard.proto=udp -fw-nftables.input.state.established.policy=accept -fw-nftables.input.state.invalid.policy=drop -fw-nftables.input.state.related.policy=accept +nftables.input.icmp.ipv4.policy=accept +nftables.input.icmp.ipv4.rate=2/second +nftables.input.icmp.ipv6.policy=accept +nftables.input.icmp.ipv6.rate=2/second +nftables.input.interfaces.lo.policy=accept +nftables.input.interfaces.tyilnet.policy=accept +nftables.input.interfaces.tyilnet1058.policy=accept +nftables.input.policy=drop +nftables.input.rules.ssh.policy=accept +nftables.input.rules.ssh.port=22 +nftables.input.rules.ssh.proto=tcp +nftables.input.rules.mosh.policy=accept +nftables.input.rules.mosh.port=60000-61000 +nftables.input.rules.mosh.proto=udp +nftables.input.rules.wireguard.policy=accept +nftables.input.rules.wireguard.port=51820 +nftables.input.rules.wireguard.proto=udp +nftables.input.state.established.policy=accept +nftables.input.state.invalid.policy=drop +nftables.input.state.related.policy=accept k3s-master.cluster-domain=k3s.tyil.nl k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager k3s-master.helm.apps.certmanager.namespace=base-system -- cgit v1.1