sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove bridge setup & use predictable network interace name

Browse source
This commit is contained in:
sonny 2023-08-06 20:57:24 +02:00
parent ed7bf5a46c
commit 83ad3362bd
6 changed files with 15 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

10
templates/nftables.j2
View file

@ -19,12 +19,12 @@ table ip filter {
# allow icmp
ip protocol icmp accept
iifname "br0" tcp dport {{ ssh_port }} accept comment "SSH"
iifname "br0" tcp dport {{ gitlab_ssh_port }} accept comment "Gitlab SSH"
iifname "br0" tcp dport { {{ http_port }}, {{ https_port }} } accept comment "HTTP/HTTPS"
iifname "br0" tcp dport {{ transmission_port }} accept comment "Transmission"
iifname "{{ network_interface }}" tcp dport {{ ssh_port }} accept comment "SSH"
iifname "{{ network_interface }}" tcp dport {{ gitlab_ssh_port }} accept comment "Gitlab SSH"
iifname "{{ network_interface }}" tcp dport { {{ http_port }}, {{ https_port }} } accept comment "HTTP/HTTPS"
iifname "{{ network_interface }}" tcp dport {{ transmission_port }} accept comment "Transmission"
iifname "br0" udp dport {{ vpn_port }} accept comment "Wireguard"
iifname "{{ network_interface }}" udp dport {{ vpn_port }} accept comment "Wireguard"
iifname "{{ vpn_interface }}" tcp dport { {{ http_port }}, {{ https_port }} } ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "HTTP/HTTPS"
iifname "{{ vpn_interface }}" tcp dport {{ transmission_web_port }} ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "Transmission Web"