1
0
Fork 0
dot/.config/nftables.conf

18 lines
562 B
Plaintext
Raw Normal View History

2024-04-28 18:01:42 +02:00
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
2024-06-12 00:47:39 +02:00
chain input {
type filter hook input priority filter; policy drop;
iif lo accept comment "Accept localhost traffic"
ct state invalid drop comment "Drop invalid connections"
ct state established,related accept comment "Accept established and related connections"
meta l4proto { icmp, ipv6-icmp } accept comment "Accept ICMP/ICMPv6 traffic"
ip protocol igmp accept comment "Accept IGMP traffic"
udp dport mdns accept comment "Accept mDNS"
}
2024-04-28 18:01:42 +02:00
}