From 887fede91be53a4d64045b534f9732a0d58330a3 Mon Sep 17 00:00:00 2001
From: Mark Nipper <nipsy@bitgnome.net>
Date: Mon, 22 Sep 2025 19:15:03 -0700
Subject: Add VPN firewall rule @arrakis

---
 hosts/arrakis/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'hosts')

diff --git a/hosts/arrakis/default.nix b/hosts/arrakis/default.nix
index 6613c67..4e1e6e9 100644
--- a/hosts/arrakis/default.nix
+++ b/hosts/arrakis/default.nix
@@ -53,7 +53,7 @@
     		iifname wg1 tcp dport { 49152-65535 } accept # Transmission
 
     		# drop everything else
-    		tcp flags & (fin | syn | rst | ack) == syn log prefix "refused connection: " level info
+    		log prefix "refused connection: " level info
     		counter drop
     	}
     
-- 
cgit v1.2.3