space_server: nftables: allow IPv6 mDNS

author: Emil Renner Berthing <esmil@labitat.dk> 2017-11-15 21:48:23 +0100
committer: Emil Renner Berthing <esmil@labitat.dk> 2017-11-15 21:48:23 +0100
commit: a7f4f41fb8959da897469b927f35be88b7b0503f (patch)
tree: ae3a5ae4696d40dbe4400c376d049ca983a16957 /roles/space_server/files/nftables/nftables.conf
parent: 487ddc89bcb63c2fc8d94c0cd50d65ba9ae60c1a (diff)
download: labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.tar.gz
labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.tar.xz
labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/space_server/files/nftables/nftables.conf b/roles/space_server/files/nftables/nftables.conf
index 619d776..e2f5eb3 100644
--- a/roles/space_server/files/nftables/nftables.conf
+++ b/roles/space_server/files/nftables/nftables.conf
@@ -149,6 +149,9 @@ table ip6 filter {
 		ip6 saddr $ext_net6 tcp dport 53 accept
 		ip6 saddr $ext_net6 udp dport 53 accept
 
+		# avahi
+		ip6 daddr ff02::fb udp dport 5353 iif $avahi_ifs accept
+
 		## debugging
 		#counter log prefix "in6: " drop
 		drop
author	Emil Renner Berthing <esmil@labitat.dk>	2017-11-15 21:48:23 +0100
committer	Emil Renner Berthing <esmil@labitat.dk>	2017-11-15 21:48:23 +0100
commit	a7f4f41fb8959da897469b927f35be88b7b0503f (patch)
tree	ae3a5ae4696d40dbe4400c376d049ca983a16957 /roles/space_server/files/nftables/nftables.conf
parent	487ddc89bcb63c2fc8d94c0cd50d65ba9ae60c1a (diff)
download	labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.tar.gz labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.tar.xz labitat-ansible-a7f4f41fb8959da897469b927f35be88b7b0503f.zip