Allow outgoing OpenPGP HTTP requests.
This commit is contained in:
parent
b831267b8e
commit
93e4a2e939
|
@ -10,6 +10,7 @@
|
|||
* Use more sets and vars definitions for input/output to avoid multiple rules.
|
||||
* Allow outgoing icmp.
|
||||
* Remove DHCP incoming packets. The connection is started by the host, don't need incoming rule.
|
||||
* Allow outgoing OpenPGP HTTP requests.
|
||||
|
||||
## v1.0
|
||||
|
||||
|
|
|
@ -116,7 +116,7 @@ nft_define_default:
|
|||
value: 'none'
|
||||
output tcp accepted:
|
||||
name: output_tcp_accept
|
||||
value: '{ http, https }'
|
||||
value: '{ http, https, hkp }'
|
||||
output udp accepted:
|
||||
name: output_udp_accept
|
||||
value: '{ bootps, domain, ntp }'
|
||||
|
@ -177,7 +177,7 @@ table inet firewall {
|
|||
set output_tcp_accept {
|
||||
type inet_service
|
||||
flags interval
|
||||
elements = { http, https}
|
||||
elements = { http, https, hkp}
|
||||
}
|
||||
|
||||
set output_udp_accept {
|
||||
|
|
|
@ -71,7 +71,7 @@ nft_define_default:
|
|||
value: 'none'
|
||||
output tcp accepted:
|
||||
name: output_tcp_accept
|
||||
value: '{ http, https }'
|
||||
value: '{ http, https, hkp }'
|
||||
output udp accepted:
|
||||
name: output_udp_accept
|
||||
value: '{ bootps, domain, ntp }'
|
||||
|
|
Loading…
Reference in New Issue