mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2025-12-15 16:38:53 -05:00
remove PowerDNS for unbound nftables allowlist
The unnecessary security polling has been disabled so it doesn't need this anymore.
This commit is contained in:
Daniel Micay
parent
9a69263f6b
commit
6c58739dc8
1 changed files with 1 additions and 1 deletions
|
|
@ -53,7 +53,7 @@ table inet filter {
|
|||
|
||||
chain output-internal {
|
||||
skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
|
||||
skuid {chrony, powerdns, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
|
||||
skuid != root counter goto output-reject
|
||||
accept
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue