Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-07-23 23:11:10 -04:00
Code Issues Projects Releases Packages Wiki Activity

allow PowerDNS webserver on loopback for root

Browse source
This commit is contained in:
Daniel Micay 2023-02-14 01:19:19 -05:00
parent 7871fa2d51
commit c9dcf479fc
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nftables-dns.conf
View file

@ -55,6 +55,8 @@ table inet filter {
skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
skuid powerdns meta l4proto tcp th sport 80 th dport >= 1024 accept
skuid != root counter goto output-reject
accept
}