clerie/nixfiles
1
0
Fork 0
Code

modules/clerie-firewall: enable connection tracking

Browse Source
This commit is contained in:
clerie 2023-02-03 00:49:56 +01:00
parent f05567cbce
commit 7f84597b56
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/clerie-firewall/default.nix
View File

@ -24,6 +24,9 @@ let
ip46tables -N forward-filter ip46tables -N forward-filter
# Allow packets from existing connections
ip46tables -A forward-filter -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
${cfg.extraForwardFilterCommands} ${cfg.extraForwardFilterCommands}
ip46tables -A FORWARD -j forward-filter ip46tables -A FORWARD -j forward-filter