summaryrefslogtreecommitdiff
path: root/etc/netns
diff options
context:
space:
mode:
Diffstat (limited to 'etc/netns')
-rw-r--r--etc/netns/ns0/nftables.conf3
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/netns/ns0/nftables.conf b/etc/netns/ns0/nftables.conf
index b0c1237c..2d6a6e48 100644
--- a/etc/netns/ns0/nftables.conf
+++ b/etc/netns/ns0/nftables.conf
@@ -22,7 +22,8 @@ table inet my_table {
ct state invalid drop comment "early drop of invalid connections"
ct state {established, related} accept comment "allow tracked connections"
iifname lo accept comment "allow from loopback"
- iifname $wg_iface accept comment "allow from wireguard"
+ iifname $wg_iface ip saddr 10.0.0.1 accept comment "allow from wireguard insp ip"
+ iifname $wg_iface ip6 saddr fdc9:281f:04d7:9ee9::1 accept comment "allow from wireguard insp ip"
ip protocol icmp accept
meta l4proto ipv6-icmp accept
generated by cgit v1.2.3-70-g09d2 (git 2.50.1) at 2025-07-14 15:09:37 +0000