firewall: remove nat default policies

Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
author: Kenny Ballou <kballou@devnulllabs.io> 2019-06-27 17:40:18 -0600
committer: Kenny Ballou <kballou@devnulllabs.io> 2019-06-27 17:40:18 -0600
commit: e97d37c55c29c92d4bb27b394c0b29a0a342d59b (patch)
tree: c7ae22f9b8b842e62bda8322be26843ad0fb5330 /services
parent: a3f9d912731ff4a90ad48acbf21393aa6b1f4291 (diff)
download: cfg.nix-e97d37c55c29c92d4bb27b394c0b29a0a342d59b.tar.gz
cfg.nix-e97d37c55c29c92d4bb27b394c0b29a0a342d59b.tar.xz
1 files changed, 4 insertions, 4 deletions
diff --git a/services/nftables-rules.nft b/services/nftables-rules.nft
index 7c805ab..e9cbf54 100644
--- a/services/nftables-rules.nft
+++ b/services/nftables-rules.nft
@@ -49,20 +49,20 @@ table inet filter {
 
 table ip nat {
     chain prerouting {
-        type nat hook prerouting priority 0; policy accept;
+        type nat hook prerouting priority 0;
         counter
    chain postrouting {
-        type nat hook postrouting priority 100; policy accept;
+        type nat hook postrouting priority 100;
         counter
     }
 }
 
 table ip6 nat {
     chain prerouting {
-        type nat hook prerouting priority 0; policy accept;
+        type nat hook prerouting priority 0;
         counter
    chain postrouting {
-        type nat hook postrouting priority 100; policy accept;
+        type nat hook postrouting priority 100;
         counter
     }
 }
author	Kenny Ballou <kballou@devnulllabs.io>	2019-06-27 17:40:18 -0600
committer	Kenny Ballou <kballou@devnulllabs.io>	2019-06-27 17:40:18 -0600
commit	e97d37c55c29c92d4bb27b394c0b29a0a342d59b (patch)
tree	c7ae22f9b8b842e62bda8322be26843ad0fb5330 /services
parent	a3f9d912731ff4a90ad48acbf21393aa6b1f4291 (diff)
download	cfg.nix-e97d37c55c29c92d4bb27b394c0b29a0a342d59b.tar.gz cfg.nix-e97d37c55c29c92d4bb27b394c0b29a0a342d59b.tar.xz