From 34d0f7fc3b42ca5e6536ec0275c17a07a9f6a77d Mon Sep 17 00:00:00 2001
From: Daniel Micay
Date: Sat, 11 Feb 2023 03:18:02 -0500
Subject: [PATCH] baseline web server config doesn't use DNS
---
 nftables-web.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nftables-web.conf b/nftables-web.conf
index 78ec589..e02fbb6 100644
--- a/nftables-web.conf
+++ b/nftables-web.conf
@@ -49,7 +49,7 @@ table inet filter {
 chain output-internal {
 skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
- skuid {chrony, http} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
+ skuid chrony meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
 skuid != root counter goto output-reject
 accept
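Review bot: The narrowed rule `skuid chrony meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept` has no comment recording why chrony is now the only client uid allowed to send DNS queries in `output-internal`, so anyone who later gives the web server a feature that needs name resolution will land on `skuid != root counter goto output-reject` with nothing pointing back to this line. I would add a comment above it such as `# DNS queries: chrony only; baseline nginx does no lookups, re-add http if a resolver directive is introduced`. Whether the baseline config really performs no lookups (a `resolver` directive for OCSP stapling or hostname upstreams is the usual reason it would) cannot be checked from this hunk and is worth confirming against the web server config before relying on it. The visible rule only counts the packet before jumping, so a rejected lookup would not be attributed to the http uid unless `output-reject` logs, and that chain, like the closing brace of `output-internal`, lies outside the hunk.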