diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2025-12-15 19:19:31 -0500 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2025-12-15 19:19:31 -0500 |
| commit | 099c188b1d5287700e0d36ec08a25d7f9efd30a4 (patch) | |
| tree | 8ac25a949dc5d49f70246077ea999ad68af41305 /modules | |
| parent | fdc08bbeca685b3dd2d2b60a1da53af8f6d8c9e9 (diff) | |
Fix
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/router.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/router.nix b/modules/router.nix index 63b39fb..53d14fd 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -295,8 +295,8 @@ ip protocol icmp limit rate 4/second counter accept comment "icmp v4" ip6 nexthdr ipv6-icmp limit rate 4/second counter accept comment "accept all ICMP types" ct state vmap { established : accept, related : accept, invalid : drop } - - jump miniupnpd + # For miniupnpd. + ct status dnat accept # Don't allow accidental vpn forwarding to wan. iifname vpnlan-vport oifname wan-vport counter reject |