aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server/files/nftables.conf
diff options
context:
space:
mode:
Diffstat (limited to 'roles/space_server/files/nftables.conf')
-rw-r--r--roles/space_server/files/nftables.conf6
1 files changed, 6 insertions, 0 deletions
diff --git a/roles/space_server/files/nftables.conf b/roles/space_server/files/nftables.conf
index f29c274..2cd170b 100644
--- a/roles/space_server/files/nftables.conf
+++ b/roles/space_server/files/nftables.conf
@@ -69,6 +69,9 @@ table ip filter {
# bird etc. on fiberby link
iif $ext_if ip saddr $link_net4 ip daddr $link_net4 counter accept
+ # bgp
+ iif $colo_if tcp dport bgp accept
+
# dhcp
udp sport bootpc udp dport bootps iif != $ext_if counter accept
@@ -166,6 +169,9 @@ table ip6 filter {
# bird etc. on fiberby link
iif $ext_if ip6 saddr $link_net6 ip6 daddr $link_net6 counter accept
+ # bgp
+ iif $colo_if tcp dport bgp accept
+
# tftp
iif $wire_if ip6 saddr $wire_net6 udp dport 69 accept
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-18 04:03:16 +0000