From baa554ffd041870c2c3305eae83cc7aa6e3d6be7 Mon Sep 17 00:00:00 2001 From: celso Date: Thu, 12 Dec 2024 22:23:05 -0300 Subject: [PATCH] allowed loopback traffic --- filter.nft | 2 ++ 1 file changed, 2 insertions(+) diff --git a/filter.nft b/filter.nft index 7cdcd6a..4d8d8bd 100644 --- a/filter.nft +++ b/filter.nft @@ -26,6 +26,7 @@ table ip filter { type filter hook input priority filter; policy drop; ct state invalid drop; ct state {related,established} accept; + iifname "lo" accept; tcp dport @allowed_tcp_ports accept; udp dport @allowed_udp_ports_in accept; } @@ -36,5 +37,6 @@ table ip filter { chain out { type filter hook output priority filter; policy drop; udp dport @allowed_udp_ports_out accept; + oifname "lo" accept; } }