alpine: don’t assume all services are TCP

2024-07-26 10:14:23 +02:00 · 2024-07-26 10:14:23 +02:00 · a3dd4eba65
commit a3dd4eba65
parent b20e9cccff
1 changed files with 2 additions and 2 deletions
--- a/roles/alpine/templates/local.nft.j2
+++ b/roles/alpine/templates/local.nft.j2
@ -12,10 +12,10 @@ table inet filter {
 {% endif %}
 {% if prefixes4 or prefixes6 %}
 {% if prefixes4 %}
-        ip saddr { {{ prefixes4 | join(', ') }} } tcp dport { {{ ports }} } accept
+        ip saddr { {{ prefixes4 | join(', ') }} } {{ service.protocol.value }} dport { {{ ports }} } accept
 {% endif %}
 {% if prefixes6 %}
-        ip6 saddr { {{ prefixes6 | join(', ') }} } tcp dport { {{ ports }} } accept
+        ip6 saddr { {{ prefixes6 | join(', ') }} } {{ service.protocol.value }} dport { {{ ports }} } accept
 {% endif %}
 {% else %}
        tcp dport { {{ ports }} } accept