firewall: add http-alt ports

Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
author: Kenny Ballou <kballou@devnulllabs.io> 2019-07-05 09:45:32 -0600
committer: Kenny Ballou <kballou@devnulllabs.io> 2019-07-05 09:46:46 -0600
commit: 07e4fdc78c8d6535a553f010bea6a406c2abacbf (patch)
tree: 101480d34db828b3738eb0915f1c6a9a314526c8 /services
parent: 5f04e48d2af64e1b8e22579be07d9f2922f6fa57 (diff)
download: cfg.nix-07e4fdc78c8d6535a553f010bea6a406c2abacbf.tar.gz
cfg.nix-07e4fdc78c8d6535a553f010bea6a406c2abacbf.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/services/nftables-rules.nft b/services/nftables-rules.nft
index d7923cb..d049508 100644
--- a/services/nftables-rules.nft
+++ b/services/nftables-rules.nft
@@ -9,6 +9,8 @@ table inet filter {
         ip protocol icmp counter accept
         ip6 nexthdr ipv6-icmp counter accept
         udp dport domain ip saddr 172.0.0.1/8 counter accept
+        tcp dport 8000 ip saddr 127.0.0.1/8 counter accept
+        tcp dport http-alt ip saddr 127.0.0.1/8 counter accept
         tcp dport ssh counter accept
         counter
     }
@@ -43,6 +45,7 @@ table inet filter {
         tcp dport rsync counter accept
         udp dport rsync counter accept
         tcp dport 8000 counter accept
+        tcp dport http-alt counter accept
         counter
     }
 }
author	Kenny Ballou <kballou@devnulllabs.io>	2019-07-05 09:45:32 -0600
committer	Kenny Ballou <kballou@devnulllabs.io>	2019-07-05 09:46:46 -0600
commit	07e4fdc78c8d6535a553f010bea6a406c2abacbf (patch)
tree	101480d34db828b3738eb0915f1c6a9a314526c8 /services
parent	5f04e48d2af64e1b8e22579be07d9f2922f6fa57 (diff)
download	cfg.nix-07e4fdc78c8d6535a553f010bea6a406c2abacbf.tar.gz cfg.nix-07e4fdc78c8d6535a553f010bea6a406c2abacbf.tar.xz