diff options
| author | Kenny Ballou <kballou@devnulllabs.io> | 2020-01-16 19:03:34 -0700 |
|---|---|---|
| committer | Kenny Ballou <kballou@devnulllabs.io> | 2020-01-16 19:03:34 -0700 |
| commit | de569449f8bfae38a49a3c5822f626fee3283fe4 (patch) | |
| tree | d184fc0c5f35b95d0212f652b77c4c80d811ed77 /phenex | |
| parent | b2ead5f17a80788ed7714b3f3d749ec6dd139592 (diff) | |
| download | cfg.nix-de569449f8bfae38a49a3c5822f626fee3283fe4.tar.gz cfg.nix-de569449f8bfae38a49a3c5822f626fee3283fe4.tar.xz | |
phenex: nft: fix error in forward rules
Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
Diffstat (limited to 'phenex')
| -rw-r--r-- | phenex/nftables-rules.nft | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/phenex/nftables-rules.nft b/phenex/nftables-rules.nft index 9b75370..797f164 100644 --- a/phenex/nftables-rules.nft +++ b/phenex/nftables-rules.nft @@ -18,11 +18,11 @@ table inet filter { chain forward { type filter hook forward priority 0; policy drop; ct state established,related counter accept - ip saddr 172.16.0.0/12 daddr 0.0.0.0/8 counter accept + ip saddr 172.16.0.0/12 ip daddr 0.0.0.0/8 counter accept ip saddr 172.16.0.0/12 ip daddr 172.16.0.0/12 counter accept iifname "docker0" oifname "enp0s25" counter accept iifname "docker0" oifname "wlp2s0" counter accept - iifname docker0 oifname != docker0 counter accept + iifname "docker0" oifname != "docker0" counter accept counter } |