fix internet access problem

threefoldtech · Sep 11, 2024 · 6cb4cb0 · 6cb4cb0
1 parent e56ea0d
commit 6cb4cb0
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/cmds/modules/netlightd/nft/rules.nft b/cmds/modules/netlightd/nft/rules.nft
@@ -8,8 +8,14 @@ table inet filter {
 	}
 
 	chain output {
-		type filter hook output priority filter; policy drop;
-		ip daddr 192.168.1.1 accept # the router ip
+       type filter hook output priority filter; policy accept;
+       ip daddr 192.168.123.32 accept
+       ip daddr { 8.8.8.8, 1.1.1.1, 192.168.123.1 } udp dport 53 accept
+       ip daddr 192.168.123.32 tcp dport { 80, 443, 22 } accept
+       tcp dport 443 accept
+       ct state established,related accept
+       ip protocol icmp accept
+       meta nfproto ipv4 drop
 	}
 
 	chain prerouting {