sonny/sentry
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Revert "Try different firewall rules"

Browse source 
This reverts commit 58d2528c40.
This commit is contained in:
Sonny Bakker 2021-02-02 22:07:20 +01:00
parent 931325f409
commit 90d958cb69
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
templates/nftables.j2
View file

@ -6,7 +6,7 @@
flush ruleset flush ruleset
table inet filter { table inet filter {
chain input { chain INPUT {
type filter hook input priority 0; policy drop; type filter hook input priority 0; policy drop;
# accept any localhost traffic # accept any localhost traffic
@ -18,7 +18,7 @@ table inet filter {
tcp dport { 22, 80, 443 } accept tcp dport { 22, 80, 443 } accept
} }
chain forward { chain FORWARD {
type filter hook forward priority 0; policy drop; type filter hook forward priority 0; policy drop;
ct state { established, related } accept; ct state { established, related } accept;
@ -27,7 +27,7 @@ table inet filter {
} }
table ip filter { table ip filter {
chain DOCKER { chain DOCKER-USER {
mark set 1 mark set 1
} }
} }