authorKenny Ballou <kballou@devnulllabs.io>2021-02-24 18:33:19 -0700
committerKenny Ballou <kballou@devnulllabs.io>2021-02-24 18:33:19 -0700
commita58ee47301a46fe7d319467b73491dcfcae885d1 (patch)
tree80c2f19dfd14e7879f3ee30e03a063150b9accd4
parentb54a13223c10f583aa2f17c9db7ee26588dad7d0 (diff)
downloadcfg.nix-a58ee47301a46fe7d319467b73491dcfcae885d1.tar.gz
cfg.nix-a58ee47301a46fe7d319467b73491dcfcae885d1.tar.xz
update firewall rules
Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
-rw-r--r--daeva/nftables-rules.nft7
-rw-r--r--eligos/nftables-rules.nft4
2 files changed, 10 insertions, 1 deletions
diff --git a/daeva/nftables-rules.nft b/daeva/nftables-rules.nft
index 8d78807..792b684 100644
--- a/daeva/nftables-rules.nft
+++ b/daeva/nftables-rules.nft
@@ -11,7 +11,7 @@ table inet filter {
udp dport domain ip saddr 172.16.0.0/12 counter accept
tcp dport 3000 ip saddr 127.0.0.1/8 counter accept
tcp dport 8000 ip saddr 127.0.0.1/8 counter accept
- tcp dport http-alt ip saddr { 127.0.0.1/8, 10.100.0.0/8 } counter accept
+ tcp dport http-alt ip saddr { 127.0.0.1/8, 10.0.0.0/8 } counter accept
counter
}
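Review bot: The new `10.0.0.0/8` on the `http-alt` rule admits the same sources as the old `10.100.0.0/8`, because a /8 mask only examines the first octet (as far as I know nft masks the host bits rather than rejecting them), so the line corrects the spelling but still accepts the entire 10/8 space. If the intent was a single network, the prefix length is what needs changing, e.g. `ip saddr { 127.0.0.0/8, <lan-prefix>/<len> }` with the real subnet in place of the placeholder. The same breadth applies to the NFS rules added in the second daeva hunk and in eligos/nftables-rules.nft. The chain holding this rule starts outside the hunk.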
@@ -53,6 +53,11 @@ table inet filter {
ip daddr 127.0.0.0/8 counter accept
tcp dport 5222 counter accept
tcp dport 6697 counter accept
+ tcp dport 2049 ip daddr 10.0.0.0/8 counter accept
+ udp dport 2049 ip daddr 10.0.0.0/8 counter accept
+ tcp dport 20048 ip daddr 10.0.0.0/8 counter accept
+ udp dport 20048 ip daddr 10.0.0.0/8 counter accept
+ tcp dport 13052 counter accept
counter
}
}
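Review bot: `tcp dport 13052 counter accept` is added with no address match and no comment, while the four NFS rules just above it are at least scoped to `10.0.0.0/8`. The port has no service name, so a reader cannot tell what it is for or which peer it should reach. A comment such as `# <service> to <host>` plus an `ip daddr` restriction would bring it in line with its neighbours. The rules match on `ip daddr`, which suggests an output chain, but the chain header is outside the hunk.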
diff --git a/eligos/nftables-rules.nft b/eligos/nftables-rules.nft
index adc8507..c26071e 100644
--- a/eligos/nftables-rules.nft
+++ b/eligos/nftables-rules.nft
@@ -13,6 +13,10 @@ table inet filter {
tcp dport 8000 ip saddr 127.0.0.1/8 counter accept
tcp dport 8384 ip saddr 127.0.0.1/8 counter accept
tcp dport 8080 ip saddr { 127.0.0.1/8, 10.1.0.0/8 } counter accept
+ tcp dport 20048 ip saddr 10.0.0.0/8 counter accept
+ udp dport 20048 ip saddr 10.0.0.0/8 counter accept
+ udp dport 2049 ip saddr 10.0.0.0/8 counter accept
+ tcp dport 2049 ip saddr 10.0.0.0/8 counter accept
tcp dport ssh counter accept
counter
}
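Review bot: Ports 2049 and 20048 are opened inbound with no comment; 20048 is presumably rpc.mountd pinned to a fixed port, which is worth stating as `# NFS (2049) and mountd (20048)` above the group. If the exports use the default AUTH_SYS security, the server trusts client-supplied UIDs, so this source match is effectively the access boundary and should use the narrowest prefix that covers the real clients. NFSv3 mounts would also need rpcbind (111) and the lock/status ports, none of which are opened here; if only NFSv4 is in use, 2049/tcp alone should suffice and the other three rules could be dropped. The four rules could also be folded into two with `dport { 2049, 20048 }`.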