reorder network allowlists for consistency

2025-01-03 02:50:47 -05:00 · 2022-08-10 11:13:31 -04:00 · 2022-08-10 11:13:31 -04:00 · 07dca7919d
commit 07dca7919d
parent afce4f2a51
6 changed files with 6 additions and 6 deletions
--- a/nftables-attestation.conf
+++ b/nftables-attestation.conf
@ -44,7 +44,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, http, attestation} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, http, attestation} counter goto output-reject
    }

    chain output-internal {
--- a/nftables-discuss.conf
+++ b/nftables-discuss.conf
@ -44,7 +44,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, http, flarum, flarum-admin} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, http, flarum, flarum-admin} counter goto output-reject
    }

    chain output-internal {
--- a/nftables-dns.conf
+++ b/nftables-dns.conf
@ -48,7 +48,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, powerdns, geoipupdate} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, powerdns, geoipupdate} counter goto output-reject
    }

    chain output-internal {
--- a/nftables-mail.conf
+++ b/nftables-mail.conf
@ -44,7 +44,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, postfix, dovecot, dovenull} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, postfix, dovecot, dovenull} counter goto output-reject
    }

    chain output-internal {
--- a/nftables-matrix.conf
+++ b/nftables-matrix.conf
@ -44,7 +44,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, http, synapse, matterbridge} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, http, synapse, matterbridge} counter goto output-reject
    }

    chain output-internal {
--- a/nftables-web.conf
+++ b/nftables-web.conf
@ -44,7 +44,7 @@ table inet filter {
        type filter hook output priority filter

        oif lo goto output-internal
-        skuid != {root, systemd-network, chrony, unbound, http} counter goto output-reject
+        skuid != {root, systemd-network, unbound, chrony, http} counter goto output-reject
    }

    chain output-internal {