From 07e4fdc78c8d6535a553f010bea6a406c2abacbf Mon Sep 17 00:00:00 2001
From: Kenny Ballou <kballou@devnulllabs.io>
Date: Fri, 5 Jul 2019 09:45:32 -0600
Subject: firewall: add http-alt ports

Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
---
 services/nftables-rules.nft | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'services')

diff --git a/services/nftables-rules.nft b/services/nftables-rules.nft
index d7923cb..d049508 100644
--- a/services/nftables-rules.nft
+++ b/services/nftables-rules.nft
@@ -9,6 +9,8 @@ table inet filter {
         ip protocol icmp counter accept
         ip6 nexthdr ipv6-icmp counter accept
         udp dport domain ip saddr 172.0.0.1/8 counter accept
+        tcp dport 8000 ip saddr 127.0.0.1/8 counter accept
+        tcp dport http-alt ip saddr 127.0.0.1/8 counter accept
         tcp dport ssh counter accept
         counter
     }
@@ -43,6 +45,7 @@ table inet filter {
         tcp dport rsync counter accept
         udp dport rsync counter accept
         tcp dport 8000 counter accept
+        tcp dport http-alt counter accept
         counter
     }
 }
-- 
cgit v1.2.1