From e9057b32aacc3603027bcb27f20aaac5992d7a4b Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kjetil.orbekk@gmail.com>
Date: Sun, 19 Jan 2020 07:36:41 -0500
Subject: firewall

---
 config/ap.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/config/ap.nix b/config/ap.nix
index 9bc2ef6..66a2014 100644
--- a/config/ap.nix
+++ b/config/ap.nix
@@ -40,6 +40,17 @@ in
 
           interface $DEV_LAN @subchain "services" {
             proto (tcp udp) dport (ssh domain bootps) ACCEPT;
+
+	    # Chromecast
+            # proto udp dport 32768:61000 ACCEPT;
+	    # proto udp dport (5353 1900) ACCEPT;
+	    # proto tcp dport (8008 8009) ACCEPT;
+
+	    # chain logdrop {
+            #   LOG log-level warning log-prefix "dropped-lan ";
+	    #   DROP;
+	    # }
+	    # jump logdrop;
           }
         }
 
-- 
cgit v1.2.3