Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-07-24 15:25:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

move dnsdist control socket to port 55

Browse source 
This avoids unnecessary overlap with our ephemeral port range.
This commit is contained in:
Daniel Micay 2025-06-27 13:39:43 -04:00
parent 3b2f6d546c
commit ac0dc27596
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
etc/nftables/nftables-ns1.conf
View file

@ -133,7 +133,7 @@ table inet filter {
skuid powerdns tcp sport 81 tcp dport >= 1024 notrack accept skuid powerdns tcp sport 81 tcp dport >= 1024 notrack accept
skuid dnsdist tcp sport 5199 tcp dport >= 1024 notrack accept skuid dnsdist tcp sport 55 tcp dport >= 1024 notrack accept
skuid zerotier-one tcp sport 9993 tcp dport >= 1024 notrack accept skuid zerotier-one tcp sport 9993 tcp dport >= 1024 notrack accept

2
etc/nftables/nftables-ns2.conf
View file

@ -131,7 +131,7 @@ table inet filter {
skuid powerdns tcp sport 81 tcp dport >= 1024 notrack accept skuid powerdns tcp sport 81 tcp dport >= 1024 notrack accept
skuid dnsdist tcp sport 5199 tcp dport >= 1024 notrack accept skuid dnsdist tcp sport 55 tcp dport >= 1024 notrack accept
skuid != root counter goto graceful-reject skuid != root counter goto graceful-reject
notrack accept notrack accept