mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2025-12-09 21:55:46 -05:00
nftables: preserve connlimit sets across reloads
This commit is contained in:
Daniel Micay
parent
f3156e641d
commit
7d55588972
10 changed files with 20 additions and 20 deletions
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 25, 80, 443, 465, 993 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443, 7275 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 53, 80, 443, 853 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 53, 80, 443, 853 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/nft -f
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter
|
||||
flush table inet filter
|
||||
table inet filter {
|
||||
define tcp-ports = { 80, 443 }
|
||||
define tcp-ports-full = { 22, $tcp-ports }
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue