meta l4proto { udp, tcp } th dport bootps counter accept comment "DHCP"
tcp dport ssh counter accept comment "SSH"
udp dport 60000-61000 counter accept comment "Mosh"
+ tcp dport 5201 counter accept comment "iperf"
}
chain input-net {
jump check-public
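Review bot: The added `tcp dport 5201` accept has no source restriction, and an iperf3 server does not authenticate clients unless it is explicitly configured to, so the port is reachable by every host this chain serves for as long as the ruleset is loaded. The chain's header is outside the hunk; judging by the `input-net` chain that follows, it is presumably an inbound chain. Consider limiting the rule to the measurement peers, e.g. `ip saddr <test-hosts-placeholder> tcp dport 5201 counter accept comment "iperf"`, or loading it only while a test is running. The same applies to the rule added to `input-intra` in the next hunk.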
chain input-intra {
tcp dport ssh counter accept comment "SSH"
udp dport 60000-61000 counter accept comment "Mosh"
+ tcp dport 5201 counter accept comment "iperf"
}
chain output-lan {
tcp dport { ssh, 2222 } counter accept comment "SSH"
counter accept
+ tcp dport 5201 counter accept comment "iperf"
}
chain output-net {
tcp dport { ssh, 2222 } counter accept comment "SSH"
udp dport ntp skuid ${users.systemd-timesync.name} counter accept comment "NTP"
meta l4proto { udp, tcp } skuid dnscrypt-proxy2 counter accept comment "dnscrypt-proxy2"
tcp dport git counter accept comment "Git"
+ tcp dport 5201 counter accept comment "iperf"
}
chain output-intra {
tcp dport { ssh, 2222 } counter accept comment "SSH"
udp dport 60001-60010 counter accept comment "Mosh"
tcp dport { http, https } counter accept comment "HTTP"
- tcp dport git counter accept comment "Git"
+ tcp dport git counter accept comment "git"
+ #tcp dport 4713 counter accept comment "pulseaudio"
+ tcp dport 5201 counter accept comment "iperf"
}
}
'';
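Review bot: The iperf rule added to `output-lan` can never match, because the unconditional `counter accept` on the line before it already accepts every packet in that chain, so its counter will stay at zero. Either drop the rule or move it above the catch-all so the counter is meaningful. In `output-intra`, the new commented-out `#tcp dport 4713 ... "pulseaudio"` line is dead configuration in a firewall ruleset; remove it or add a short comment saying why it is kept. The `"Git"` to `"git"` comment change also leaves that rule inconsistent with the `"Git"` comment in `output-net`.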