summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKenny Ballou <kb@devnulllabs.io>2021-07-22 20:32:39 -0600
committerKenny Ballou <kb@devnulllabs.io>2021-07-22 21:09:37 -0600
commit1f00d242d279e650edc5309bf0d3874b3534570b (patch)
tree531faafeab92e2225e4cab4fb91b79620c712bef
parent6200b15a879ee7d0f1c5df3a809f167018314186 (diff)
downloadcfg.nix-1f00d242d279e650edc5309bf0d3874b3534570b.tar.gz
cfg.nix-1f00d242d279e650edc5309bf0d3874b3534570b.tar.xz
daeva: nft: allow local bound ipv6 traffic
Allowing this traffic makes lsp and dap modes usable. Before, I would have to wait for, apparently, ipv6 to timeout and fall back to ipv4 to use Java dap debugging in emacs. No more! Signed-off-by: Kenny Ballou <kb@devnulllabs.io>
-rw-r--r--daeva/nftables-rules.nft1
1 files changed, 1 insertions, 0 deletions
diff --git a/daeva/nftables-rules.nft b/daeva/nftables-rules.nft
index 378d630..43234cd 100644
--- a/daeva/nftables-rules.nft
+++ b/daeva/nftables-rules.nft
@@ -55,6 +55,7 @@ table inet filter {
udp dport openvpn counter accept
tcp dport postgresql ip daddr { 127.0.0.1/8, 10.0.0.0/8 } counter accept
ip daddr 127.0.0.0/8 counter accept
+ ip6 daddr ::1 counter accept
tcp dport 5222 counter accept
tcp dport 6697 counter accept
tcp dport 2049 ip daddr 10.0.0.0/8 counter accept