From 7cc17b9dbe784170872dba0bcebfb4497047d05c Mon Sep 17 00:00:00 2001
From: xyz
Date: Thu, 10 Feb 2022 00:37:29 -0800
Subject: nftables allow mullvad vpn port forwarding
---
 etc/nftables.conf | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
(limited to 'etc/nftables.conf')
diff --git a/etc/nftables.conf b/etc/nftables.conf
index b1d638b6..c0d0601d 100644
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -18,13 +18,15 @@ table inet my_table {
 ct state invalid drop comment "early drop of invalid connections"
 ct state {established, related} accept comment "allow tracked connections"
 iifname lo accept comment "allow from loopback"
- ip protocol icmp accept comment "allow icmp"
- meta l4proto ipv6-icmp accept comment "allow icmp v6"
-
- #tcp dport ssh accept comment "allow sshd"
- #tcp dport searx accept comment "allow searx"
- tcp dport qrcp accept comment "allow qrcp"
- udp dport mdns accept comment "allow mdns"
+ ip protocol icmp accept
+ meta l4proto ipv6-icmp accept
+
+ #tcp dport ssh accept
+ #tcp dport searx accept
+ tcp dport qrcp accept
+ udp dport mdns accept
+ tcp dport mullvad-forward accept
+ udp dport mullvad-forward accept
 pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
 counter comment "count any other traffic"
--
cgit v1.2.3-70-g09d2
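Review bot: The two added `mullvad-forward` accept rules match on every interface, so the forwarded port is open to the LAN and any other attached network as well as to traffic arriving through the VPN tunnel. If the listener is only meant to be reached via the Mullvad forward, scope both rules to the tunnel interface, for example `iifname "<vpn-iface>" tcp dport mullvad-forward accept` (placeholder interface name), and the same for the udp rule. `mullvad-forward` has to resolve as a service name or a `define` that this hunk does not show, so that is worth confirming with `nft -c -f` before loading. The commit also strips the `comment` strings from the neighbouring rules; keeping one on the new rules, such as `comment "allow mullvad port forward"`, keeps their purpose visible in `nft list ruleset`. The chain these rules belong to starts and ends outside the hunk.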