Diffstat (limited to 'services')
-rw-r--r--services/nftables-rules.nft6
1 files changed, 6 insertions, 0 deletions
diff --git a/services/nftables-rules.nft b/services/nftables-rules.nft
index 3635100..e4d9491 100644
--- a/services/nftables-rules.nft
+++ b/services/nftables-rules.nft
@@ -18,6 +18,8 @@ table inet filter {
chain forward {
type filter hook forward priority 0; policy drop;
ct state established,related counter accept
+ ip saddr 172.16.0.0/12 ip daddr 172.16.0.0/12 counter accept
+ iifname docker0 oifname != docker counter accept
counter
}
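Review bot: The `oifname != docker` match on the second added forward rule compares against the literal name `docker`, which is not one of the interfaces named in this diff, so the negation holds for every output interface, `docker0` included, and the rule reduces to `iifname docker0 accept`. If the intent was to let containers reach the uplinks but not hairpin onto the bridge, `iifname "docker0" oifname != "docker0" counter accept` says that, and `oifname { "enp0s25", "wlp2s0" }` would tie it to the same interfaces the NAT rules use. The rule above it matches on addresses only, so a packet with source and destination in 172.16.0.0/12 is forwarded whichever interface it arrived on. Adding an input-interface match for the container bridges, and narrowing the /12 to the subnets Docker actually allocates, would keep an address-only match from opening a forwarding path from the LAN or Wi-Fi side into the containers.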
@@ -60,6 +62,8 @@ table ip nat {
}
chain postrouting {
type nat hook postrouting priority 100;
+ ip saddr 172.16.0.0/12 oifname enp0s25 counter masquerade
+ ip saddr 172.16.0.0/12 oifname wlp2s0 counter masquerade
counter
}
}
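Review bot: The two added masquerade rules differ only in the hard-coded uplink name, and the same pair is repeated in the `ip6 nat` hunk below, so a renamed or added interface has to be fixed in four places and a missed one silently leaves container traffic un-NATed. A single `define uplinks = { enp0s25, wlp2s0 }` near the top of the file (outside this hunk) with `ip saddr 172.16.0.0/12 oifname $uplinks counter masquerade` here would keep both tables in step, at the cost of one shared counter instead of one per interface. A short comment such as `# masquerade Docker bridge subnets leaving via the wired/wireless uplink` would also explain why the whole 172.16.0.0/12 block is matched rather than the specific bridge subnet.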
@@ -71,6 +75,8 @@ table ip6 nat {
}
chain postrouting {
type nat hook postrouting priority 100;
+ ip6 saddr fcdd::/48 oifname enp0s25 counter masquerade
+ ip6 saddr fcdd::/48 oifname wlp2s0 counter masquerade
counter
}
}
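Review bot: The `fcdd::/48` source prefix in the two added rules has no comment saying where it comes from, and these rules only take effect if it matches the IPv6 subnet the Docker daemon is configured with. A line such as `# NAT66 for the container prefix; must match the Docker daemon's IPv6 subnet` above them would make that coupling visible. Note also that `fcdd::/48` sits in the `fc00::/8` half of the unique-local range, whereas RFC 4193 locally assigned prefixes come from `fd00::/8`. If the prefix is ever changed, the daemon configuration and these rules need to change together.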