kitten.sh / system
Personal Nix setup
fork atom

Clean up allowed ports

kitten.sh 270b4f20 2f7a2c7e

options
unified split
Changed files
-2
modules
router
nftables.nix
-2
modules/router/nftables.nix 
···

       
82

       
82

       
 

       
            meta l4proto ipv6-icmp accept


     

       
83

       
83

       
 

       
            ip6 ecn not-ect accept


     

       
84

       
84

       
 

       
            udp dport dhcpv6-client ct state { new, untracked } accept


     

       
85

       

       
-

       
            udp dport { http, https } ct state new accept


     

       
86

       

       
-

       
            tcp dport { http, https } ct state new accept


     

       
87

       
85

       
 

       
            udp dport 41641 ct state new accept


     

       
88

       
86

       
 

       
            reject with icmpx type port-unreachable


     

       
89

       
87

       
 

       
          }