From 6cb4cb0412a6b2e5997a36eb1321beab88aee110 Mon Sep 17 00:00:00 2001 From: Eslam-Nawara Date: Wed, 11 Sep 2024 11:39:45 +0300 Subject: [PATCH] fix internet access problem --- cmds/modules/netlightd/nft/rules.nft | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/cmds/modules/netlightd/nft/rules.nft b/cmds/modules/netlightd/nft/rules.nft index e24e1d7c8..70ba0d4c5 100644 --- a/cmds/modules/netlightd/nft/rules.nft +++ b/cmds/modules/netlightd/nft/rules.nft @@ -8,8 +8,14 @@ table inet filter { } chain output { - type filter hook output priority filter; policy drop; - ip daddr 192.168.1.1 accept # the router ip + type filter hook output priority filter; policy accept; + ip daddr 192.168.123.32 accept + ip daddr { 8.8.8.8, 1.1.1.1, 192.168.123.1 } udp dport 53 accept + ip daddr 192.168.123.32 tcp dport { 80, 443, 22 } accept + tcp dport 443 accept + ct state established,related accept + ip protocol icmp accept + meta nfproto ipv4 drop } chain prerouting {