Add VPN firewall rule @arrakis

author: Mark Nipper <nipsy@bitgnome.net> 2025-09-22 19:15:03 -0700
committer: Mark Nipper <nipsy@bitgnome.net> 2025-09-22 19:15:03 -0700
commit: 887fede91be53a4d64045b534f9732a0d58330a3 (patch)
tree: e3e10cecacbc14bd3dcaeba354ef3684c09642b8
parent: dd49ff9375dc0d24ea079047990433d360920ee5 (diff)
download: nix-887fede91be53a4d64045b534f9732a0d58330a3.tar
nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.gz
nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.bz2
nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.lz
nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.xz
nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.zst
nix-887fede91be53a4d64045b534f9732a0d58330a3.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/hosts/arrakis/default.nix b/hosts/arrakis/default.nix
index 6613c67..4e1e6e9 100644
--- a/hosts/arrakis/default.nix
+++ b/hosts/arrakis/default.nix
@@ -53,7 +53,7 @@
     		iifname wg1 tcp dport { 49152-65535 } accept # Transmission
 
     		# drop everything else
-    		tcp flags & (fin | syn | rst | ack) == syn log prefix "refused connection: " level info
+    		log prefix "refused connection: " level info
     		counter drop
     	}
author	Mark Nipper <nipsy@bitgnome.net>	2025-09-22 19:15:03 -0700
committer	Mark Nipper <nipsy@bitgnome.net>	2025-09-22 19:15:03 -0700
commit	887fede91be53a4d64045b534f9732a0d58330a3 (patch)
tree	e3e10cecacbc14bd3dcaeba354ef3684c09642b8
parent	dd49ff9375dc0d24ea079047990433d360920ee5 (diff)
download	nix-887fede91be53a4d64045b534f9732a0d58330a3.tar nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.gz nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.bz2 nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.lz nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.xz nix-887fede91be53a4d64045b534f9732a0d58330a3.tar.zst nix-887fede91be53a4d64045b534f9732a0d58330a3.zip