From a4bad496d3eeafe001a64702cd20e36fb6871d52 Mon Sep 17 00:00:00 2001
From: celso
Date: Fri, 13 Dec 2024 02:44:37 -0300
Subject: [PATCH] added games and removed unnecesary brackets
---
 defines.nft | 5 +++++
 filter.nft | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/defines.nft b/defines.nft
index 17a6691..e9a85f8 100644
--- a/defines.nft
+++ b/defines.nft
@@ -6,11 +6,16 @@ define SSH_PORT1 = 22
 define SSH_PORT2 = 8022
 define HTTP_PORT = 80
 define HTTPS_PORT = 443
+define SYNCPLAY_PORT = 60000
+define TERRARIA_PORT = 7777
 # TCP and UDP services (needs to go in both sets)
 define DNS_PORT = 53
+define OPENTTD_PORT = 3979
 # UDP only services
 define DHCP_IN_PORT = 67
 define DHCP_OUT_PORT = 68
 define OPENVPN_PORT = 1194
+define FACTORIO_PORT = 34197
+define CSTRIKE_PORT = 27015
diff --git a/filter.nft b/filter.nft
index 03c934b..32b2933 100644
--- a/filter.nft
+++ b/filter.nft
@@ -7,13 +7,13 @@ table ip filter {
 set allowed_tcp_ports {
 type inet_service;
 flags constant;
- elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT };
+ elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT, $TERRARIA_PORT, $OPENTTD_PORT };
 }
 set allowed_udp_ports_in {
 type inet_service;
 flags constant;
- elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT }
+ elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT }
 }
 set allowed_udp_ports_out {
@@ -25,7 +25,7 @@ table ip filter {
 chain in {
 type filter hook input priority filter; policy drop;
 ct state invalid drop;
- ct state {related,established} accept;
+ ct state related,established accept;
 iifname "lo" accept;
 tcp dport @allowed_tcp_ports accept;
 udp dport @allowed_udp_ports_in accept;
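Review bot: The five new defines in defines.nft are slotted into the existing protocol groups with nothing marking them as game servers, so a later audit of the allow-list cannot tell optional services from infrastructure ports such as SSH or DNS. A short comment per group would fix that, for example `# Game servers (TCP only): Syncplay, Terraria` above `SYNCPLAY_PORT` and `# Game servers (UDP only): Factorio, CS` above `FACTORIO_PORT` (service names inferred from the identifiers). The hunk starts mid-file, so the heading that covers the first group is not visible here.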
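Review bot: Adding the game ports to `allowed_tcp_ports` and `allowed_udp_ports_in` in filter.nft opens them to every source address on every interface, because the rules that consume these sets (visible as context in the next hunk) are `tcp dport @allowed_tcp_ports accept;` and `udp dport @allowed_udp_ports_in accept;` with no `ip saddr` or `iifname` qualifier. That gives the game servers the same exposure as SSH and HTTPS, and the UDP ones are connectionless listeners that will presumably process packets from any sender. Keeping them in their own sets lets the accept rules be narrowed to known players or, if they must stay public, rate-limited with nft's `limit rate`, without touching the core services. The sketch uses a placeholder `game_clients` set with a constructed example range; the table and chain bodies continue outside the hunks.

```nftables
# … unchanged: allowed_tcp_ports / allowed_udp_ports_in keep their pre-commit elements …

set game_tcp_ports {
    type inet_service;
    flags constant;
    elements = { $SYNCPLAY_PORT, $TERRARIA_PORT, $OPENTTD_PORT }
}

set game_udp_ports {
    type inet_service;
    flags constant;
    elements = { $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT }
}

# placeholder: networks that are allowed to reach the game servers
set game_clients {
    type ipv4_addr;
    flags interval;
    elements = { 192.0.2.0/24 }    # constructed example range
}

# … unchanged: chain in, up to the existing dport accept rules …
ip saddr @game_clients tcp dport @game_tcp_ports accept;
ip saddr @game_clients udp dport @game_udp_ports accept;
```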