rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

firewall: create empty ipsets for known networks

Browse source 
So we don’t crash and burn before config is set up.
This commit is contained in:
Timotej Lazar 2024-01-30 12:37:14 +01:00
parent 161ce73be7
commit 544aa0a088
2 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/firewall/templates/nftables.nft.j2
View file

@ -5,6 +5,7 @@ flush ruleset
table inet filter {
include "/etc/nftables.d/interfaces.nft"
include "/etc/nftables.d/networks.nft"
include "/etc/nftables.d/sets.nft*"
set link {
@ -92,6 +93,7 @@ table inet filter {
table ip nat {
include "/etc/nftables.d/interfaces.nft"
include "/etc/nftables.d/networks.nft"
include "/etc/nftables.d/sets.nft*"
include "/etc/nftables.d/netmap.nft*"