diff options
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/arrakis/default.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/hosts/arrakis/default.nix b/hosts/arrakis/default.nix index 6ca2eff..392468c 100644 --- a/hosts/arrakis/default.nix +++ b/hosts/arrakis/default.nix @@ -68,7 +68,8 @@ # allow any traffic out through VPN oifname wg1 accept - # drop everything else + # drop everything else + tcp flags & (fin | syn | rst | ack) == syn log prefix "refused connection: " level info counter drop } |