From d7a6698375bf0f593ba404f1292d95a36e4b7109 Mon Sep 17 00:00:00 2001
From: urosm
Date: Sun, 7 Jul 2024 22:10:41 +0200
Subject: [PATCH] .config/nftables.conf: update
---
 .config/nftables.conf | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/.config/nftables.conf b/.config/nftables.conf
index 68f04c3..470f7f4 100755
--- a/.config/nftables.conf
+++ b/.config/nftables.conf
@@ -4,14 +4,13 @@ flush ruleset
 table inet filter {
 chain input {
- type filter hook input priority filter; policy drop;
+ type filter hook input priority 0; policy drop;
- iif lo accept comment "Accept localhost traffic"
- ct state invalid drop comment "Drop invalid connections"
- ct state established,related accept comment "Accept established and related connections"
- meta l4proto { icmp, ipv6-icmp } accept comment "Accept ICMP/ICMPv6 traffic"
- ip protocol igmp accept comment "Accept IGMP traffic"
+ iif lo accept comment "Accept any localhost traffic"
+ ct state established,related accept comment "Accept trafic originated from us"
+ meta l4proto { icmp, icmpv6 } accept comment "Accept ICMP/ICMPv6 traffic"
 udp dport mdns accept comment "Accept mDNS"
+ tcp dport ipp accept comment "Accept IPP"
 }
 }
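Review bot: The added `tcp dport ipp accept` rule has no source or interface match, so in this `inet` table it admits TCP 631 over both IPv4 and IPv6 from any network the host joins. If the print service is only meant for the local network, scope it, e.g. `iifname "<LAN_INTERFACE>" ip saddr <LAN_SUBNET> tcp dport ipp accept comment "Accept IPP from LAN"` (placeholders to fill in). The new side also no longer has `ct state invalid drop`, so packets that conntrack marks invalid now fall through to the ICMP, mDNS and IPP accept rules instead of being discarded; keeping that rule ahead of the protocol and port accepts costs nothing under `policy drop`. Separately, with `ip protocol igmp accept` gone, inbound IGMP queries hit the drop policy, which may let the multicast membership used for mDNS lapse on networks with IGMP snooping, so it is worth confirming that removal was intended.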