diff options
author | Kjetil Orbekk <kj@orbekk.com> | 2023-03-03 20:31:14 -0500 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2023-03-03 20:31:14 -0500 |
commit | e5a104d4c5acf6b01a141cad209e61dc557b2e96 (patch) | |
tree | e6e8136a63472afd9e1f24e4b3b45e87aec4344e /modules/router.nix | |
parent | 3d9dacee9ef907ba99675e67ddf22a7cdaa25e09 (diff) |
update
Diffstat (limited to 'modules/router.nix')
-rw-r--r-- | modules/router.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/modules/router.nix b/modules/router.nix index 8ec7479..4b757c2 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -175,7 +175,8 @@ let ${toString mullvadPort}, ${toString vpnPort} } define SERVER_LAN_PORTS = { - tftp, 139, 445, 137, 138 + tftp, 139, 445, 137, 138, + 1080, # socks } table inet filter { chain input { @@ -214,7 +215,7 @@ let ip daddr 172.20.30.2 th dport {9091, 56732} counter accept; oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_WAN_PORTS counter accept iifname lan-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept - iifname vpn-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept + iifname vpnlan-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept iifname servers-vport counter accept counter drop |